
Gmail Will Soon Warn Users When Emails Arrive Over Unencrypted Connections - lujim
http://techcrunch.com/2015/11/12/gmail-will-soon-warn-users-when-emails-arrive-over-unencrypted-connections/
======
Someone1234
What depresses me is that many organisations agree that SMTP needs some work.
However the stakeholders simply don't care enough to do anything about it, all
Google is doing here is adding a pretty little icon for opportunistic
encryption (that doesn't work very well).

Let's look at the biggest stakeholders in SMTP:

- Microsoft: Exchange (8% mail servers), Outlook (client), Outlook.com (23%
of webmail).

- Google: Gmail & Google Apps (40% of webmail)

- Yahoo (21% of webmail)

- OSS: Sendmail, Postfix

So if Google, Microsoft, and Yahoo! signed up that is the majority of SMTP on
the internet today. Then we find some funds to get OSS updated (or summer of
code), and boom, we have an SMTP update fit for 2015.

Heck have it downgrade for right now, and we can talk about actually switching
over in 2025 or whatever. But at least in 2025 we'll have something ready, the
longer we take to kick this off the longer it will take to upgrade.

It is utterly insane that nothing is moving here. It is like SMTP is stuck in
a perpetual IE 6 situation, and Microsoft is largely causing it all over again
(Exchange + Outlook.com).

~~~
yid
> However the stakeholders simply don't care enough to do anything about it,

Perhaps that's a sign that "it" (smtp) now works well enough, given the decades
of engineering investment that have been put into spam detection, access,
standardization and inter-operability, not to justify the massive investment
that an "SMTP update fit for 2015" would involve.

~~~
mschuster91
> spam detection, access, standardization and inter-operability

Spam detection works on a higher level than transport security, it is
independent from transport (although a spam classifier might favor mails from
SMTP servers sent with SSL and a client certificate signed by a CA for its
domain name).

Access... well, that's IMAP/POP3's job, both have supported SSL for ages.

Standardization/interop, uh we already have SMTPS. The standard is there,
what's lacking is support for inter-server encryption.

~~~
darkr
SMTPS has been deprecated since forever (late 90's or thereabouts). The
standards for encrypted SMTP are: STARTTLS over port 25 for transfer/relay and
STARTTLS over port 587 for submission.

~~~
feld
But STARTTLS is a step backwards because a MITM can disable crypto by not
advertising STARTTLS.

~~~
0x0
A MITM could also deny SMTPS ports. If you want to ensure STARTTLS is in use
then most smtp software has a setting to force STARTTLS or drop the
connection.

~~~
mschuster91
Well, use DNSSEC and add a new field in the DNS (e.g. CRYPTINFO = FORCE-HTTPS,
FORCE-SMTPS). That would take time to spread, yes, but it would be a perfect
solution for a lot of "prevent MITM downgrade" issues.

~~~
feld
Yes, it would take a long time to spread considering there's a whopping 388
domains out there using DNSSEC for SMTP, the majority of them run by
neckbeards and not commercial email services.

    388    Zones have deployed TLSA for SMTP with STARTTLS (Port 587)

I don't expect this to catch on, ever.

[http://secspider.verisignlabs.com/stats.html](http://secspider.verisignlabs.com/stats.html)

------
agwa
This is a bad move that will give users a false sense of security.
Server-to-server SMTP is unauthenticated. Just because an email arrived at Gmail over an
encrypted connection doesn't mean that the connection wasn't intercepted by a
MitM that read the message and then relayed it to Gmail over an encrypted
connection.

Opportunistic encryption is nice to have because it stymies passive
surveillance, but it's not something that can be relied upon to provide
security or privacy. Thus, its presence or absence should never be
communicated to users, to avoid suckering them into a false sense of security.
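As an added illustration of this point (example code, not from agwa's comment): the only thing a receiving server can actually check is whether its own inbound hop used TLS, which the Received: header it writes records via the RFC 3848 ESMTPS/ESMTPSA keyword or a vendor TLS annotation. The message below is constructed; host names, addresses and queue IDs are placeholders.

```python
import re
from email import message_from_string

# Constructed sample: three hops, newest first. Hop 2 (relay -> mail.example.org)
# ran in the clear, but the final hop into the receiving server used TLS.
SAMPLE = """\
Received: from mail.example.org (mail.example.org. [203.0.113.10])
        by mx.example.net with ESMTPS id k7si12345
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Thu, 12 Nov 2015 10:00:05 -0800 (PST)
Received: from relay.example.com (relay.example.com [198.51.100.7])
        by mail.example.org (Postfix) with ESMTP id 4X5Y6Z7;
        Thu, 12 Nov 2015 10:00:03 -0800 (PST)
Received: from client.example.com (client.example.com [192.0.2.55])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        by relay.example.com (Postfix) with ESMTPSA id 1A2B3C4;
        Thu, 12 Nov 2015 10:00:01 -0800 (PST)
Subject: constructed test message

hello
"""

# RFC 3848 "with" keywords that record a STARTTLS session (ESMTPS, ESMTPSA);
# SMTP/ESMTP/ESMTPA mean the hop was cleartext.
TLS_WITH = {"ESMTPS", "ESMTPSA", "UTF8SMTPS", "UTF8SMTPSA"}
# Vendor annotations: Postfix "(using TLSv1.2 with cipher ...)",
# Google/Microsoft "(version=TLS1_2 cipher=...)".
TLS_ANNOT = re.compile(r"using TLSv|version=TLS")
# The protocol keyword is upper-case, so Postfix's "with cipher" is skipped.
WITH_RE = re.compile(r"\bwith\s+([A-Z0-9]+)")

def classify_hops(raw_message):
    """One dict per Received: header, in header order (most recent hop first)."""
    msg = message_from_string(raw_message)
    hops = []
    for rcvd in msg.get_all("Received", []):
        text = " ".join(rcvd.split())  # unfold continuation lines
        m = WITH_RE.search(text)
        proto = m.group(1) if m else None
        tls = proto in TLS_WITH or bool(TLS_ANNOT.search(text))
        hops.append({"with": proto, "encrypted": tls})
    return hops

def last_hop_encrypted(raw_message):
    """All a recipient-side indicator can honestly assert: only the topmost
    Received: line was written by the receiving server itself; the lines below
    are unauthenticated claims relayed from upstream."""
    hops = classify_hops(raw_message)
    return bool(hops) and hops[0]["encrypted"]
```

On the sample the final hop is encrypted while the middle hop was plaintext, so an indicator derived from the top header alone would show this message as having arrived securely.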

~~~
harshreality
There's a way to fairly reliably mark messages as insecure when they're sent
by clients that don't verify certs.

For every incoming ssl smtps connection, google could forge a cert the first
time it encounters a connection from a particular ip on a particular day. If
the client continues with the ssl negotiation, google would know to mark the
message as insecure, because the sender isn't verifying certs.

You could obviously adjust the frequency with which the recipient (e.g. google)
tests each IP. It wouldn't have to be every 24 hours. You could also use
additional heuristics to re-test, even going so far as to disconnect
immediately and force the client to retry (giving it a forged cert test) if
you trust the client ip but see a different helo than you saw last time. You
could even use a global BGP feed to invalidate any successful tests from a
netblock when there's a visible routing change for it.

~~~
cortesoft
What would stop the MiTM from verifying Gmail's cert? Say, the email is sent
in plain text, it is intercepted by the bad guy, then the bad guy sends it on
to gmail encrypted, with cert checking and everything.

I am failing to see what your proposal would help.

------
Spoom
This is a great marketing move, because users have absolutely no control over
the flow that their email takes... except to tell the other user to start
using Gmail.

------
y0ghur7_xxx
This Thunderbird addon does the same, if you prefer a local client:
[https://addons.mozilla.org/en-us/thunderbird/addon/paranoia/](https://addons.mozilla.org/en-us/thunderbird/addon/paranoia/)

------
workitout
I use Postfix; I'll have to check how it makes outgoing connections but I'd
assume it's unencrypted. My client connection to my server is encrypted but I
never thought to use it for the connections to the servers my server delivers
mail to.

~~~
Wicher
    # opportunistic encryption s2s
    smtp_tls_security_level = may
    smtp_tls_CApath = /etc/ssl/certs

This will use STARTTLS to upgrade the connection. This does not protect you
against an active attacker, but it will protect you against passive
eavesdropping (~mass surveillance).
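As an added example (not from Wicher's post), the same Postfix parameter with the stronger levels the rest of the thread asks for: `encrypt` refuses to fall back to cleartext (the "force STARTTLS or drop the connection" behaviour), and `dane` authenticates the remote server through DNSSEC-signed TLSA records (Postfix 2.11 and later, with a validating resolver). The domain names in the policy map are placeholders.

```ini
# main.cf, weak: opportunistic only. A MITM that strips the STARTTLS
# advertisement from the EHLO response silently downgrades to cleartext,
# and the remote certificate is never checked.
smtp_tls_security_level = may
smtp_tls_CApath = /etc/ssl/certs

# main.cf, corrected (pick one default level): DANE where the destination
# publishes TLSA records in a signed zone, opportunistic TLS everywhere else.
smtp_tls_security_level = dane
smtp_dns_support_level = dnssec
smtp_tls_CApath = /etc/ssl/certs
smtp_tls_loglevel = 1

# Per-destination overrides for peers you exchange mail with regularly.
smtp_tls_policy_maps = hash:/etc/postfix/tls_policy

# /etc/postfix/tls_policy (placeholder domains; run postmap after editing):
#   example.net    encrypt     # TLS mandatory, drop if STARTTLS is missing
#   example.org    secure      # TLS mandatory plus CA-verified, name-matched cert
#   example.com    dane-only   # refuse delivery unless TLSA records validate
```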

~~~
workitout
Thanks Wicher and baudehlo, great tips.

------
widforss
I will soon warn my users when they're receiving an email that is not
PGP-encrypted.

------
daryltucker
But they force XMPP/Jabber s2s connections to be in the clear?

smh

------
bqe
Gmail will warn users for this, but not for soft failing SPF. That doesn't
make sense.

------
ChrisCinelli
A step in the right direction!

------
mtgx
Is Google's End-to-End extension still progressing? Or are they hoping we
forgot about it?

------
lwh
You mean without PGP right?

------
d0ugie
Looking forward to seeing Chrome marking HTTP as not secure.
[https://plus.google.com/+FrancoisBeaufort/posts/TaTACsJSnjN](https://plus.google.com/+FrancoisBeaufort/posts/TaTACsJSnjN)

------
tiatia
You should not use Gmail anyway. Privacy issues and security issues. I still
have several Gmail accounts. Daily warnings in my Thunderbird (Someone has
your password... --- Yes, guess fucker, it is me who has my password). I have
one Gmail account that I cannot access anymore despite knowing my password,
the previous password and a security question. Unfortunately I have a domain
registered with this email. This domain may be lost.

Pay a few bucks and get your own email. External email, hosted in Switzerland
(high privacy, not EU or US jurisdiction) costs me 15 Euro per year. I can use
my own (even external!) domain.

~~~
smackfu
So the security issue is that they are too secure?

