Is SMTP STS a major step towards email security?
The underlying transport protocol used to send email, the Simple Mail Transfer Protocol (SMTP), dates from the 1980s and lacks any built-in means of properly securing email communication. To improve its security, SMTP STARTTLS was introduced in 2002, but it still turned out to be susceptible to man-in-the-middle (MITM) and connection downgrade attacks.
To raise the security bar, a new protocol, SMTP Strict Transport Security (STS), has been drafted, after a staggering 14-year wait since the last attempt. This time all the major players (Google, Microsoft, Yahoo, Comcast, LinkedIn, and 1&1 Mail…) have joined forces to make this effort a success.
What is the goal of this new standard?
SMTP STS has been designed to prevent man-in-the-middle attacks.
How does SMTP STS improve SMTP Security versus StartTLS?
SMTP STS works alongside STARTTLS to strengthen SMTP as a whole and to prevent connection downgrade and man-in-the-middle attacks. The sending server checks whether the recipient supports SMTP STS and presents a valid, up-to-date public key certificate; if so, it delivers the email securely to the recipient. If not, it stops the email from being sent and notifies the user with the reason.
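As an added illustration (not code from the original article), the following Python models the sender-side decision the paragraph describes: fetch the recipient domain's policy, require STARTTLS with a valid certificate for an MX host the policy lists, and refuse delivery instead of silently falling back to plaintext. The policy file syntax follows the published MTA-STS format (RFC 8461, the form the SMTP STS draft eventually took); the sample policy, the hostnames and the `Attempt` record are constructed for this example, and no network or DNS lookup is performed.

```python
"""Simulated SMTP STS / MTA-STS enforcement on the sending side (example code)."""
from dataclasses import dataclass, field
from typing import List, Optional

# Constructed sample policy in the RFC 8461 policy-file format.
SAMPLE_POLICY = """\
version: STSv1
mode: enforce
mx: mail.example.com
mx: *.backup.example.net
max_age: 604800
"""


@dataclass
class StsPolicy:
    version: str
    mode: str                       # "enforce", "testing" or "none"
    mx: List[str] = field(default_factory=list)
    max_age: int = 0


def parse_policy(text: str) -> StsPolicy:
    """Parse a 'key: value' policy file; 'mx' may repeat, everything else is single-valued."""
    fields = {"mx": []}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if ":" not in line:
            raise ValueError(f"malformed policy line: {raw!r}")
        key, _, value = line.partition(":")
        key, value = key.strip().lower(), value.strip()
        if key == "mx":
            fields["mx"].append(value.lower().rstrip("."))
        else:
            fields[key] = value
    if fields.get("version") != "STSv1":
        raise ValueError("unsupported policy version")
    if fields.get("mode") not in {"enforce", "testing", "none"}:
        raise ValueError("invalid policy mode")
    return StsPolicy(version=fields["version"], mode=fields["mode"],
                     mx=fields["mx"], max_age=int(fields.get("max_age", 0)))


def mx_matches(policy: StsPolicy, mx_host: str) -> bool:
    """True if mx_host is covered by the policy; a '*.' wildcard covers exactly one label."""
    host = mx_host.lower().rstrip(".")
    for pattern in policy.mx:
        if pattern.startswith("*."):
            suffix = pattern[1:]                      # ".backup.example.net"
            if host.endswith(suffix) and "." not in host[:-len(suffix)]:
                return True
        elif host == pattern:
            return True
    return False


@dataclass
class Attempt:
    """What the sending MTA observed when connecting to the recipient's MX (constructed)."""
    mx_host: str
    starttls_offered: bool
    cert_valid_for_mx: bool   # chain validates and the name matches mx_host


def decide(policy: Optional[StsPolicy], attempt: Attempt) -> str:
    """Return 'deliver', 'deliver-plaintext', 'deliver-and-report' or 'refuse'."""
    secure = attempt.starttls_offered and attempt.cert_valid_for_mx
    if policy is None or policy.mode == "none":
        # Plain opportunistic STARTTLS: a stripped or failed handshake quietly
        # degrades to cleartext. This is the downgrade gap SMTP STS closes.
        return "deliver" if secure else "deliver-plaintext"
    if secure and mx_matches(policy, attempt.mx_host):
        return "deliver"
    if policy.mode == "testing":
        return "deliver-and-report"   # still sent, but the failure is reported
    return "refuse"                   # enforce: hold the mail and tell the user why


if __name__ == "__main__":
    policy = parse_policy(SAMPLE_POLICY)
    scenarios = [
        ("listed MX, good TLS", Attempt("mail.example.com", True, True)),
        ("listed MX, STARTTLS stripped", Attempt("mail.example.com", False, False)),
        ("unlisted MX, good TLS", Attempt("mx.unlisted.example", True, True)),
    ]
    for label, attempt in scenarios:
        print(f"{label:30} no policy -> {decide(None, attempt):18} "
              f"enforce -> {decide(policy, attempt)}")
```

The contrast between the `no policy` and `enforce` columns is the whole point of the protocol: without a policy, a stripped STARTTLS still results in delivery in clear text, whereas with an enforced policy the same connection is refused.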
How long will it take to come into effect?
Currently it is only a draft proposal, and it will take a while before the major players start implementing it. The Internet Engineering Task Force (IETF) has six months in total to consider this new proposal (the draft will expire on September 19, 2016).
Will it be enough to restore email privacy?
Is SMTP STS a major step towards email security and enough to restore email privacy? Our answer is NO.
This is where things start getting a bit fishy: strengthening SMTP security only protects emails in transit between the sender's SMTP server and the recipient's SMTP server, and that is it.
Consequently, the following main concerns will remain:
- The message stays in clear text from the sender's device until it reaches the sender's SMTP server (assuming there is no SSL/TLS in place).
- The message remains in clear text from the recipient's SMTP server until it reaches the recipient's device (assuming there is no SSL/TLS in place).
- The SMTP servers (on both the sender's and the recipient's side) can view the message in clear text.
These gaps are where adversaries can compromise the confidentiality and integrity of emails.
So what is the best way to restore email privacy?
End-to-end encryption (E2EE) is the only answer: the sender encrypts an email with the recipient's public key and the recipient decrypts it with his/her private key, with all of these operations taking place purely on the client side. This approach leaves no room for an adversary to sniff the clear-text messages. Mailfence, a secure and private email suite, provides a “true” E2EE secure emailing service along with digital signatures.
Simply put, SMTP STS should not be compared with the level of security that E2EE provides. However, it is still a step in the right direction, while remaining only a small part of the puzzle!