Author: Marc Perkel Date: To: Exim Users New-Topics: [exim] Dud MX for spam trap Subject: [exim] Securing Email for the prying eyes of any government
I have an idea of a concept of creating a secure email system that can
not be tapped into by anyone. I want to throw the concept out and see if
you all think this could work.
Lets assume we have a powerful and corrupt government who wants to read
incoming email of a nonprofit organization trying to fight government
corruption. If the org has a server for it's email - the governmet could
tap the closest router and see all the unencrypted email coming in - and
most email is unemcrypted. So - how would this org prevent this?
Suppose there were a network of servers around the world that were - at
least in part - outside the reach of the corrupt government. These
servers - which would also do spam and virus filtering - would be the MX
destinations for these domains. Because there are so many of them in
diverse locations - there is no single point where the mail can be
tapped. These servers - after processing the email would then send it on
to the final server over an encrypted connection to the final receiving
server which is in a secure location. This way all the incoming mail
comes in encrypted.
If the org thinks that one or more of the front end spam processing
servers might be tapped - all they have to do is to eliminate those
servers from their MX records and thus the mail will only go through
servers that they think are trusted.
So - who thinks this idea will/won't work? And if it won't work - why not?