Effectiveness and Limitations of E-Mail Security Protocols

摘要

Simple Mail Transport Protocol is the most widely adopted protocol for e-mail delivery. However, it lacks security features for privacy, authentication of sending party, integrity of e-mail message, nonrepudiation and consistency of e-mail envelope. To make e-mail communication secure and private, e-mail servers incorporate one or more security features using add-on security protocols. The add-on security protocols provide a reasonable security but have several limitations. This paper discusses limitations of e-mail security protocols, analyzes and evaluates their effectiveness in e-mail servers. It also proposes methods to improve efficiency of e-mail servers in detecting spoofed e-mails from domains that do not follow any standard anti-spoofing protocol. Further, it presents results of studies carried out to appraise e-mail user practice; knowledge of security protocols and their confidence in e-mail system.