This is a discussion on Mail Security Issue within the Linux Web Servers forums, part of the Web Server and Related Forums category.
I have the following scenario:

On a Secure Web Site, we have an e-mail sign up form.

The person wanting to develop this is concerned about spammer intercepting
the e-mail address of signee.

We are using Apache and SSL.

What issues should myself, the system admin, and the developer be looking
out for and how far can we secure this site.

--
Member - Liberal International
This is doctor@nl2k.ab.ca Ici doctor@nl2k.ab.ca
God Queen and country! Beware Anti-Christ rising!
Microsoft is not the solution; it is the question; what is the answer?? NO!!
On Thu, 29 Jul 2004 22:28:54 +0000 (UTC), doctor@edmontonab.ca (The Doctor) wrote:

>I have the following scenario:
>
>On a Secure Web Site, we have an e-mail sign up form.
>
>The person wanting to develop this is concerned about spammer intercepting
>the e-mail address of signee.
>
>We are using Apache and SSL.
>
>What issues should myself, the system admin, and the developer be looking
>out for and how far can we secure this site.

You've cross-posted this to several groups which have very different
focuses, and so I can't tell what point of view you're thinking of
here.

You say you are using SSL, so presumably you aren't concerned about
the address being submitted from the browser to the web server. I
guess, then, that you must be thinking of the outgoing mail.

You aren't exactly clear about what your site is doing. I *think* what
you're saying is that you're asking for an email address and then
presumably sending mail to the new user, perhaps to "validate" the
given email address.

In this case, there's not really much you can do about the mail
transfer; SMTP in general operates over unencrypted links, and the
mail you're sending could pass through several mail servers before it
reaches its ultimate destination. If this concerns you, then I have to
say that perhaps your only option is to not send the mail at all.

Assuming I've got your focus and situation right here, I'm going to
trim the followups to comp.security.misc which seems to be the only
applicable newsgroup you crossposted to.

All the best,
-Claire
doctor@edmontonab.ca (The Doctor) writes:

> On a Secure Web Site, we have an e-mail sign up form.
>
> The person wanting to develop this is concerned about spammer intercepting
> the e-mail address of signee.
>
> We are using Apache and SSL.
>
> What issues should myself, the system admin, and the developer be looking
> out for and how far can we secure this site.

Spammers do some pretty awful things, but I haven't yet heard of them
snooping other people's IP connections. At least in the US, that
would constitute an illegal wiretap and be a felony. I think users
will generally be much more concerned about your site releasing
(e.g. selling) their addresses to spammers, than they are concerned
about spammers intercepting the addresses in transit.
In article <f0vig0ltt9e5tpno85chu651q3qo7aagot@4ax.com>,
Claire Tucker <fake@invalid.invalid> wrote:
>On Thu, 29 Jul 2004 22:28:54 +0000 (UTC), doctor@edmontonab.ca (The
>Doctor) wrote:
>
>>I have the following scenario:
>>
>>On a Secure Web Site, we have an e-mail sign up form.
>>
>>The person wanting to develop this is concerned about spammer intercepting
>>the e-mail address of signee.
>>
>>We are using Apache and SSL.
>>
>>What issues should myself, the system admin, and the developer be looking
>>out for and how far can we secure this site.
>
>You've cross-posted this to several groups which have very different
>focuses, and so I can't tell what point of view you're thinking of
>here.

1) Security
2) E-mail Security
3) Web Security
4) SSL implications

>
>You say you are using SSL, so presumably you aren't concerned about
>the address being submitted from the browser to the web server. I
>guess, then, that you must be thinking of the outgoing mail.

Browser point to Secure Web Server for Sign Up to Mailing list.
You then e-mail to join mailing list.

>
>You aren't exactly clear about what your site is doing. I *think* what
>you're saying is that you're asking for an email address and then
>presumably sending mail to the new user, perhaps to "validate" the
>given email address.

Validation should be part of the process, however this is to join a
confidential mailing list.

>
>In this case, there's not really much you can do about the mail
>transfer; SMTP in general operates over unencrypted links, and the
>mail you're sending could pass through several mail servers before it
>reaches its ultimate destination. If this concerns you, then I have to
>say that perhaps your only option is to not send the mail at all.

What about SMTP via SSL?

>
>Assuming I've got your focus and situation right here, I'm going to
>trim the followups to comp.security.misc which seems to be the only
>applicable newsgroup you crossposted to.
>
>All the best,
>-Claire

--
Member - Liberal International
This is doctor@nl2k.ab.ca Ici doctor@nl2k.ab.ca
God Queen and country! Beware Anti-Christ rising!
Microsoft is not the solution; it is the question; what is the answer?? NO!!
In article <7xpt6ebfb7.fsf@ruckus.brouhaha.com>,
Paul Rubin <http://phr.cx@NOSPAM.invalid> wrote:
>doctor@edmontonab.ca (The Doctor) writes:
>> On a Secure Web Site, we have an e-mail sign up form.
>>
>> The person wanting to develop this is concerned about spammer intercepting
>> the e-mail address of signee.
>>
>> We are using Apache and SSL.
>>
>> What issues should myself, the system admin, and the developer be looking
>> out for and how far can we secure this site.
>
>Spammers do some pretty awful things, but I haven't yet heard of them
>snooping other people's IP connections. At least in the US, that
>would constitute an illegal wiretap and be a felony. I think users
>will generally be much more concerned about your site releasing
>(e.g. selling) their addresses to spammers, than they are concerned
>about spammers intercepting the addresses in transit.

The developer is worried about wiretap. Still, what can you do?

--
Member - Liberal International
This is doctor@nl2k.ab.ca Ici doctor@nl2k.ab.ca
God Queen and country! Beware Anti-Christ rising!
Microsoft is not the solution; it is the question; what is the answer?? NO!!
In article <f0vig0ltt9e5tpno85chu651q3qo7aagot@4ax.com>,
Claire Tucker <fake@invalid.invalid> wrote:
>On Thu, 29 Jul 2004 22:28:54 +0000 (UTC), doctor@edmontonab.ca (The
>Doctor) wrote:
>
>>I have the following scenario:
>>
>>On a Secure Web Site, we have an e-mail sign up form.
>>
>>The person wanting to develop this is concerned about spammer intercepting
>>the e-mail address of signee.
>>
>>We are using Apache and SSL.
>>
>>What issues should myself, the system admin, and the developer be looking
>>out for and how far can we secure this site.
>
>You've cross-posted this to several groups which have very different
>focuses, and so I can't tell what point of view you're thinking of
>here.
>
>You say you are using SSL, so presumably you aren't concerned about
>the address being submitted from the browser to the web server. I
>guess, then, that you must be thinking of the outgoing mail.
>
>You aren't exactly clear about what your site is doing. I *think* what
>you're saying is that you're asking for an email address and then
>presumably sending mail to the new user, perhaps to "validate" the
>given email address.
>
>In this case, there's not really much you can do about the mail
>transfer; SMTP in general operates over unencrypted links, and the
>mail you're sending could pass through several mail servers before it
>reaches its ultimate destination. If this concerns you, then I have to
>say that perhaps your only option is to not send the mail at all.
>
>Assuming I've got your focus and situation right here, I'm going to
>trim the followups to comp.security.misc which seems to be the only
>applicable newsgroup you crossposted to.
>
>All the best,
>-Claire

Here is what the developer is concerned about:

So are you saying that all transmissions from a sign-up form on Sean's
site to your server will be secured under SSL?

At 10:55 AM 7/29/2004 -0600, you wrote:
>On Thu, Jul 29, 2004 at 11:03:35AM -0600, Developer wrote:
>>
>>
>> Administrator,
>>
>> The maker of a newsletter-management product I am considering for
>> customer's secure server writes this in answer to my question about sign-up
>> e-mail addresses being safe from interception:
>>
>> "The emails which are sent to both the
>> subscribers and to the administrators are sent unencrypted, however the
>> only way those can be intercepted is if another program is "listening"
>> on the same server. This can only happen if the server has been
>> "hacked" and is in the process of monitoring all inbound and outbound
>> traffic."
>>
>> I understood that email messages can pass through other servers on the way
>> to their destination. Is that true, or not? If so, then is it true that if
>> someone in, say, Bulgaria, signs up for the newsletter, an unencrypted
>> sign-up message could be intercepted enroute to Sean's secure site, and the
>> sender's email address extracted?
>>
>>
>

--
Member - Liberal International
This is doctor@nl2k.ab.ca Ici doctor@nl2k.ab.ca
God Queen and country! Beware Anti-Christ rising!
Microsoft is not the solution; it is the question; what is the answer?? NO!!
The Doctor wrote:
> In article <f0vig0ltt9e5tpno85chu651q3qo7aagot@4ax.com>,
> Claire Tucker <fake@invalid.invalid> wrote:
> >In this case, there's not really much you can do about the mail
> >transfer; SMTP in general operates over unencrypted links, and the
> >mail you're sending could pass through several mail servers before it
> >reaches its ultimate destination. If this concerns you, then I have to
> >say that perhaps your only option is to not send the mail at all.
>
> What about SMTP via SSL?

May work for mail submission. Does generally not work for RFC 2821
mail transfer, as Claire Tucker already pointed out.

Follow-ups set.

Thor

--
http://www.anta.net/
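The distinction drawn above (TLS may protect mail submission, but relay-to-relay transfer is not guaranteed to be encrypted) and the developer's question about mail passing through other servers can be checked on a delivered message. The following is an added example, not part of the original thread: it walks the Received chain of a constructed sample message and flags hops that did not record a TLS transfer, using the RFC 3848 "with" keywords (ESMTPS, ESMTPSA). The hostnames, addresses and function names are assumptions made for illustration.

```python
import email
import re

# Constructed sample: a sign-up confirmation relayed through three servers.
# Hostnames use the reserved .example TLD; MTAs prepend, so newest hop is first.
SAMPLE = """\
Received: from mx2.isp.example (mx2.isp.example [192.0.2.30])
\tby mailbox.isp.example with ESMTP id C3; Thu, 29 Jul 2004 17:00:09 -0600
Received: from relay.hosting.example (relay.hosting.example [192.0.2.20])
\tby mx2.isp.example with ESMTPS id B2; Thu, 29 Jul 2004 17:00:05 -0600
Received: from www.signup.example (www.signup.example [192.0.2.10])
\tby relay.hosting.example with ESMTPSA id A1; Thu, 29 Jul 2004 17:00:01 -0600
From: list@signup.example
To: subscriber@isp.example
Subject: Confirm your subscription

Reply to confirm.
"""

# RFC 3848 "with" keywords: a trailing S means STARTTLS was used on that hop,
# a trailing A means the sending client authenticated.
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA"}
HOP_RE = re.compile(r"from\s+(\S+).*?\bby\s+(\S+).*?\bwith\s+(\S+)", re.S | re.I)


def trace_hops(raw_message):
    """Return hops in transit order as (sender, receiver, protocol, encrypted)."""
    msg = email.message_from_string(raw_message)
    hops = []
    for header in msg.get_all("Received", []):
        m = HOP_RE.search(header)
        if not m:
            # A hop we cannot parse is treated as unprotected, not as safe.
            hops.append((None, None, "UNPARSED", False))
            continue
        sender, receiver, proto = m.group(1), m.group(2), m.group(3).upper()
        hops.append((sender, receiver, proto, proto in TLS_PROTOCOLS))
    hops.reverse()  # headers are prepended, so reverse to get the first hop first
    return hops


def plaintext_hops(raw_message):
    """Hops on which headers, e-mail addresses included, crossed in the clear."""
    return [hop for hop in trace_hops(raw_message) if not hop[3]]


if __name__ == "__main__":
    for sender, receiver, proto, enc in trace_hops(SAMPLE):
        print(f"{sender} -> {receiver}: {proto} ({'TLS' if enc else 'PLAINTEXT'})")
```

Received headers are written by each receiving server and can be missing or inaccurate on hops outside your control, so a hop without a TLS keyword should be read as "assume cleartext" rather than as proof either way.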
In article <cec8aj$5m7$6@gallifrey.nk.ca>, The Doctor wrote:
>The developer is worried about wiretap. Still, what can you do?

Refer to the project spec as it relates to communications confidentiality
and the security standards at your workplace.

If these don't mention it your developer is premature in having an opinion
and you're premature in having a developer.

--
Elvis Notargiacomo master AT barefaced DOT cheek
http://www.notatla.org.uk/goen/