1 / 9

Email Authentications

Email Authentications. INBOX Authentication Panel San Jose, CA – 2004 Dave Crocker Brandenburg InternetWorking <http://brandenburg.com/current.html>. Security Functions for Email. Identities. Reference Semantic Peer MTA IP SMTP client EHLO Domain SMTP client

chung
Download Presentation

Email Authentications

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Email Authentications INBOX Authentication Panel San Jose, CA – 2004 Dave Crocker Brandenburg InternetWorking <http://brandenburg.com/current.html>

  2. Security Functions for Email D. Crocker INBOX / Authentication – SJ,2004

  3. Identities Reference Semantic Peer MTA IPSMTP client EHLO DomainSMTP client Provider IPSMTP client site Mail-FromBounces address FromAuthor SenderPosting agent ReceivedHandling sites D. Crocker INBOX / Authentication – SJ,2004

  4. Object Channel Secure Secure Secure Secure MTA MTA MTA MTA MTA MTA MTA Secure MTA Secure MTA MTA Secure Secure MTA MTA MTA MTA Secure Mail Secure Mail Mail Mail Mail Mail Security Models Mail Mail D. Crocker INBOX / Authentication – SJ,2004

  5. D. Crocker INBOX / Authentication – SJ,2004

  6. The Path in a Kinder, Simpler World MSA MTA MUA PeerMTA Mail Agents MUA = User MSA = Submission MTA = Transfer MDA = Delivery MTA MDA MUA D. Crocker INBOX / Authentication – SJ,2004

  7. MTA Path(s) Today MSA MTA MTA MTA PeerMTA MUA MTA MTA MTA PeerMTA MTA MTA MTA MTA MDA MUA D. Crocker INBOX / Authentication – SJ,2004

  8. MTA SMTP 2821.MailFrom Reg Assigns MailFrom (bounce address) oMUA MSA MTA1 Did MSA authorize MTA1to send this message? MTA2 Did MSA authorize MTA2 to send this message? PeerMTA • Authority and Accreditation of MSA and MSA domain administrators • MSA must pre-register and trust each MTA in path MTA3 Did MSA authorize MTA3to send this message? PeerMTA MTA4 MDA rMUA D. Crocker INBOX / Authentication – SJ,2004

  9. MTA SMTP RFC2821.HELO Reg oMUA MSA MTA1 Did administrator of domain asserted by MTA1 authorize it to be an MTA? MTA2 PeerMTA Did administrator of domain asserted by MTA2 authorize it to be an MTA? MTA3 PeerMTA Did administrator of domain asserted by MTA3 authorize it to be an MTA? • Authority/Accreditation of Domain Administrator • Trust of latest-hop network operation MTA4 MDA rMUA D. Crocker INBOX / Authentication – SJ,2004

More Related