  1. Senior Member teancum144's Avatar
    Join Date
    Jun 2012
    Location
    Pacific Northwest, USA
    Posts
    227

    Certifications
    CISSP, CISA, CPA (inactive), Network+, Security+
    #1

    Default Encryption between mail servers

    Which of the following protocols is used for encryption between email servers?

    A. TLS
    B. L2TP
    C. S/MIME
    D. PPTP

    The answer is "A". Why couldn't it be "B" or "D" (e.g. using IPSec)?

  3. Senior Member teancum144's Avatar
    Join Date
    Jun 2012
    Location
    Pacific Northwest, USA
    Posts
    227

    Certifications
    CISSP, CISA, CPA (inactive), Network+, Security+
    #2
    Additionally, some sources say S/MIME can be used to encrypt messages between servers. Is the reason this is unlikely due to the burden of managing certificates?

  4. Junior Starcraft Engineer
    Join Date
    Mar 2007
    Location
    Twin Cities, Minnesota
    Posts
    2,777

    Certifications
    A+, Net+, Security+, MCSA 2003, MCTS Win 7, AD, Net Infrastructure
    #3
    L2TP and PPTP do not provide encryption on their own, and therefore are not valid answers. IPSec is not implied with either, even though in practice L2TP generally rides over IPSec. S/MIME does not encrypt transmission, which is implied with "between mail servers".

    Of these, TLS is the only protocol prescribed specifically for encrypted transmission between mail servers, and therefore is the only valid answer.

  5. Senior Member cyberguypr's Avatar
    Join Date
    May 2007
    Location
    Chicago, IL
    Posts
    5,846

    Certifications
    GCFE, GCED, GCIH, CISSP, CCSP, and others that should never be mentioned
    #4
    As ptilsen said, only one answer. S/MIME is eliminated first as it is not a protocol and the question asks for this specifically. L2TP and PPTP do not provide inherent encryption. That leaves TLS which natively provides encryption.

  6. Senior Member
    Join Date
    Feb 2012
    Posts
    2,426
    #5
    For mail server to mail server communications - you probably know that the protocol used is SMTP (Simple Mail Transfer Protocol). The SMTP protocol includes an extension defined in RFC3207 which is used to encrypt communications between mail servers. The actual standard is commonly called STARTTLS which uses TLS as the authentication and encryption mechanism.

    The way that it works can be described in this conversation between 2 mail transfer agents (MTA).

    MTA A> [Opens TCP connection on port 25 to MTA B]
    MTA B> [Accepts connection from MTA A]
    MTA B> receiver.mail.server SMTP ready
    MTA A> EHLO sender.mail.server
    MTA B> 250 Hey there
    MTA A> STARTTLS
    MTA B> 220 Go ahead
    MTA A> [Starts the TLS negotiation]

    The other choices in the question are not natively supported by the SMTP protocol.
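The STARTTLS exchange described in post #5, as an added example that is not part of the original thread: a small Python classifier over constructed SMTP transcripts that reports whether a session was upgraded before any mail was sent. The `C:`/`S:` prefixes, the multi-line EHLO reply advertising STARTTLS, the sample addresses and the name `classify_session` are assumptions of this example.

```python
# Constructed SMTP transcripts (not captured traffic).
# "C:" is the sending MTA, "S:" is the receiving MTA.
UPGRADED = """\
S: 220 receiver.mail.server SMTP ready
C: EHLO sender.mail.server
S: 250-receiver.mail.server
S: 250 STARTTLS
C: STARTTLS
S: 220 Go ahead
"""
NOT_OFFERED = """\
S: 220 receiver.mail.server SMTP ready
C: EHLO sender.mail.server
S: 250 receiver.mail.server
C: MAIL FROM:<alice@sender.example>
"""
OFFERED_UNUSED = """\
S: 220 receiver.mail.server SMTP ready
C: EHLO sender.mail.server
S: 250-receiver.mail.server
S: 250 STARTTLS
C: MAIL FROM:<alice@sender.example>
"""


def classify_session(transcript: str) -> str:
    """Report how far a session got towards TLS before mail was sent."""
    offered = False
    last_cmd = ""
    for line in transcript.splitlines():
        side, _, text = line.partition(": ")
        if side == "C":
            last_cmd = (text.split() or [""])[0].upper()
            if last_cmd == "MAIL":  # envelope started without an upgrade
                break
        elif side == "S":
            code, rest = text[:3], text[4:].strip().upper()
            if last_cmd == "EHLO" and code == "250" and rest == "STARTTLS":
                offered = True  # capability advertised in the EHLO reply
            elif last_cmd == "STARTTLS":
                # 220: server is ready to start TLS; other codes (e.g. 454) refuse
                return "upgraded" if code == "220" else "starttls-refused"
    return "cleartext-offered-unused" if offered else "cleartext-not-offered"


if __name__ == "__main__":
    for name in ("UPGRADED", "NOT_OFFERED", "OFFERED_UNUSED"):
        print(name, "->", classify_session(globals()[name]))
```

A session classified as `cleartext-not-offered` toward a peer that normally advertises STARTTLS is worth a closer look, since the capability line is only visible in the unencrypted EHLO reply.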

  7. Senior Member teancum144's Avatar
    Join Date
    Jun 2012
    Location
    Pacific Northwest, USA
    Posts
    227

    Certifications
    CISSP, CISA, CPA (inactive), Network+, Security+
    #6
    Very helpful answers. Thanks to all who contributed.
