Secure Mail
Table of Contents
- Introduction
- Summary
- Acknowledgements
- Encryption in General
- Original Message
- Summary of Replies
- ANSWERS TO SECURITY QUERY
- Thread 1: IMAP and POP send cleartext passwords.
- SOLUTIONS TO EMAIL SECURITY
- Legal
Introduction:
This page began as a summary of emails from the linux-security@redhat.com email list. To subscribe to this list, send an email to linux-security-request@redhat.com with the subject SUBSCRIBE. The email list will then be sent to your reply-to address.
Summary:
IMAP is a protocol that allows email clients to retrieve email anywhere on the net without having to take the email message off of the server. It is particularly useful if you get email from more than one email server. The problem with IMAP is that it sends email messages in clear text across the net, allowing unscrupulous crackers to get your email password and have a ball.
POP mail also sends passwords in the clear, but APOP encrypts the password. APOP is an MD5-based challenge/response authentication protocol: the client sends the MD5 hash of the password combined with a timestamp that is unique to the session.
To solve this problem, I have looked at several solutions, some in depth and others in (way) less depth. The most common technique seems to be to set up an SSL wrapper. Here is a good link on SSL, or Secure Sockets Layer. Other solutions include stunnel, bjorb, IPSec, IMP (php4 web-based email through an SSL Apache server), zmailer, Kerberos, uw-imap and gss.
Kurt Seifried also suggests the following links: "IPSec,
VPN stuff. Also you can use SSH to forward ports and stuff, several good free windows SSH clients exist".
At 19:53 -0600 2000/05/29, Scott L. Delinger wrote:
>Free and very useful. No Mac that has to connect to UNIX boxes should
>be without it: http://www.lysator.liu.se/~jonasw/freeware/niftyssh/
>it does scp as well.
NOTE: be aware of the licensing on that one. RSA's copyright has expired, however.
There is also a product by datafellows, but we could not get it to work with the Mac (8.6). If anyone knows of a USA compliant ssh client for mac *that works*, please let us know.
Here is a suggestion if you need to set up an IMP web mail server: run IMP (using mod_ssl in your https area) on a machine behind a firewall / mail proxy. Port forward https to the DMZ (demilitarised zone, or isolated network off of the firewall) imp mail / SSL web server.
We have evaluated IMP and the set-up is not always trivial, but IMP is a good solution if you know somebody providing an imp service, or if you have the time and money to set it up. In comparison with other web-mail solutions, the set-up is probably trivial. Because IMP uses IMAP, IMP can also be mixed with another MUA (Mail User Agent) like eudora, or a browser that reads email. It tends to be slow for larger messages, but this will be enhanced in the future.
Also ssh:
Matthew P. Barnson wrote:
"It is extremely common for ISP's to use tcp_wrappers to secure POP3 connections. We use it here, and it's pretty effective. One of the most effective solutions we've found to passing passwords in cleartext across the Internet involves either the use of a hardware VPN solution, or SSH to tunnel the connection, like this: ssh -C -L 4110:localhost:110 remote.host.domain.com. Then you set up your plug [ fwtk ( firewall toolkit ) component ] to POP the mail through "localhost:4110" and voila! you're running your POP3 requests over an encrypted tunnel. This is, of course, assuming the host from whom you're popping the mail allows you to connect via SSH. If they don't, encourage them to.
"SSH port forwarding is a complicated subject, but once you've mastered how it works it's an extremely powerful tool for encrypting what you'd rather not have in the clear."
We suggest a look at procmail for setting up UNIX email filters.
Do you have a good pgp (pretty good privacy) emailer? Tell us about it.
MD5 and Basic Encryption (taken from NCSA):
In Basic HTTP Authentication, the password is passed over the network not encrypted but not as plain text -- it is "uuencoded." Anyone watching packet traffic on the network will not see the password in the clear, but the password will be easily decoded by anyone who happens to catch the right network packet.
So basically this method of authentication is roughly as safe as telnet-style username and password security -- if you trust your machine to be on the Internet, open to attempts to telnet in by anyone who wants to try, then you have no reason not to trust this method also.
In MD5 Message Digest Authentication, the password is not passed over the network at all. Instead, a series of numbers is generated based on the password and other information about the request, and these numbers are then hashed using MD5. The resulting "digest" is then sent over the network, and it is combined with other items on the server to test against the saved digest on the server. This method is more secure over the network, but it has a penalty. The comparison digest on the server must be stored in a fashion that it is retrievable. Basic Authentication stores the password using the one way crypt() function. When the password comes across, the server uudecodes it and then crypts it to check against the stored value. There is no way to get the password from the crypted value. In MD5, you need the information that is stored, so you can't use a one way hashing function to store it. This means that MD5 requires more rigorous security on the server machine. It is possible, but non-trivial, to implement this type of security under the Unix™ security model.
Acknowledgements:
NCSA
Roger Wolff
John Walker
Matt Tucker
Aaron M. Ucko
Christopher Lindsey
Dan Stromberg
Alan Mead
Jay Beattie
Bruce Elrick
Christian Hammers
David J. M. Karlseni
Dean Thompson
Ed Padin
Eugene Kanter
Florian Helbing
Graham Mainwaring
Horms
Iain Wade
JP Vossen
Jakub Skopal
Jamie Beverly
Kurt Seifried
Matthew B. Henniges
Michael H. Warfield
Peter H. Lemieux
Petr Sulla
Ren Sauceda, Computer Systems Engineer
Shawn Robinson
Shawn Tagseth
Stephen Peters
Tomas Revesz
Tony Annese
Alex (uuworld)
Ark Id
Matthew P. Barnson
Original Message:
From: Blair Lowe
Sent: Wednesday, December 08, 1999 11:36 AM
To: linux-security@redhat.com
Subject: [linux-security] IMAP security across the net.
Hi,
We are wondering if anyone knows the security features of IMAP.
I know that plain POPMAIL uses no encryption on the password, and that APOP provides some encryption.
Ideally we would like a secure system that is accessible from any
laptop anywhere on the net.
Thanks,
Blair.
SUMMARY OF REPLIES
ANSWERS TO SECURITY QUERY
Thread 1: IMAP and POP send clear text passwords.
Matt Tucker wrote:
> imap.org has a good database of IMAP
> products. For instance, I found:
> cyrus
> uw-imap
> many people wrote:
> All major clients (Outlook, Outlook Express, Netscape Messenger)
> support IMAP over an SSL tunnel.
>
> I've seen this wording a lot, and I think it's strange that people keep
> saying "all major clients" without including Eudora.
Strangely enough, some people have not heard of Eudora in spite of its prowess in the email area. This is not surprising when you see the monopolising default set-ups of Netscape and MSIE. Oh well. Their problem, not mine.
Dan Stromberg wrote:
> IMAP is capable of using CRAM-MD5, but this appears to require some kind
> of shared secret, which isn't really a very good thing.
> IMAP can use (but doesn't always use) a really simplistic encryption for
> the password, the moral equivalent of xor'ing everything 0xa5 or
> something like that. I think this is negotiated by the client and
> server.
> Best bet is probably ssl/imap or ssl/pop. We used to use wrapssl for
> this on solaris, but recently switched to using stunnel on solaris. We
> haven't had reason to try it on linux yet.
> Last time I checked, netscape (4.6?) wasn't able to do ssl/imap
> reliably. I don't think I've tried it with netscape 4.7. Alas, ms
> outlook may be able to do this reliably.
David J. M. Karlsen wrote:
> IMAP defaults to clear text passwords as well, try using it with ssh, and
> you should be fine... Possible there's some support for mixing
> IMAP/SSL as well.
Ren Sauceda, Computer Systems Engineer wrote:
> IMAP sends everything clear text just like POP. You'd need to run it
> over SSL to get encryption between the client and the IMAP mail store
> server. However, client support is limited: Netscape Messenger 4.6+,
> Outlook 98/2000, Outlook Express 5, and according to my sources.
>
> Personally, as a user that is, I like sshing into my mail server and
> checking my mail with pine when I'm on the road.
Christian Hammers wrote:
> uw-imap and afaik cyrus imap, too have support for CRAM-MD5 (sp?)
>* SASL authentication is supported in the IMAP and POP3 servers,...
>* CRAM-MD5 is supported by default for IMAP and POP3 clients.
>* Kerberos V5 is supported through the GSSAPI on UNIX and NT.
>
> Remark: APOP and CRAM-MD5 IMAP are both only good to prevent the unencrypted
> transmission of plain text passwords.
> If you want to encrypt the whole session you have to use SSL (now called TLS)
> It seems that some rfc defines a standard called STARTTLS but it's not yet
> implemented in IMAP.
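The Summary's description of APOP, the NCSA passage on Basic versus MD5 digest authentication, and the CRAM-MD5 remarks in the replies above all come down to the same question: what does someone sniffing the wire actually get? Here is an added example (not code from the page, the NCSA text, or anyone on the list) that works through all three: a captured Basic header, the APOP digest computed from the server's timestamp and checked server-side, and a CRAM-MD5 response to a challenge. The user names, passwords and timestamps are the test vectors printed in RFC 1939 and RFC 2195, reused as constructed input; the function names and the stored-credential dictionaries are this example's own.

```python
"""Password exposure under HTTP Basic, APOP (RFC 1939) and CRAM-MD5 (RFC 2195).

Added example, not code from the original page or the mailing list. The
banners, user names and passwords are the RFCs' own test vectors, reused
here as constructed input; the function names are this example's."""
import base64
import hashlib
import hmac

# Constructed server-side credential stores. Both challenge/response schemes
# force the server to keep the secret in recoverable (here: cleartext) form.
POP_USERS = {"mrose": "tanstaaf"}
IMAP_USERS = {"tim": "tanstaaftanstaaf"}


# --- HTTP Basic: the password is only base64-encoded, not protected ----------
def basic_header(user: str, password: str) -> str:
    """Authorization header value a browser sends for Basic authentication."""
    return "Basic " + base64.b64encode(f"{user}:{password}".encode()).decode()


def basic_recover(header: str) -> tuple:
    """What a passive eavesdropper gets back from a captured Basic header."""
    user, _, password = base64.b64decode(header.split(" ", 1)[1]).decode().partition(":")
    return user, password


# --- APOP: digest = hex(MD5(timestamp + password)) ---------------------------
def apop_timestamp(greeting: str) -> str:
    """Pull the <pid.clock@host> timestamp out of the POP3 '+OK' greeting."""
    return greeting[greeting.index("<"): greeting.index(">") + 1]


def apop_digest(timestamp: str, password: str) -> str:
    """Client side: only this digest goes on the wire, never the password."""
    return hashlib.md5((timestamp + password).encode()).hexdigest()


def apop_verify(greeting: str, user: str, digest: str, users: dict) -> bool:
    """Server side: recompute from the stored cleartext password and compare."""
    password = users.get(user)
    if password is None:
        return False
    return hmac.compare_digest(apop_digest(apop_timestamp(greeting), password), digest)


# --- CRAM-MD5: HMAC-MD5 over the server challenge, keyed by the shared secret
CRAM_CHALLENGE = base64.b64encode(b"<1896.697170952@postoffice.reston.mci.net>").decode()


def cram_md5_response(challenge_b64: str, user: str, secret: str) -> str:
    """Client reply: base64(user + ' ' + hex(HMAC-MD5(secret, challenge)))."""
    challenge = base64.b64decode(challenge_b64)
    digest = hmac.new(secret.encode(), challenge, "md5").hexdigest()
    return base64.b64encode(f"{user} {digest}".encode()).decode()


def cram_md5_verify(challenge_b64: str, response_b64: str, users: dict) -> bool:
    """Server side: needs the shared secret, so it cannot be stored one-way hashed."""
    user, _, _ = base64.b64decode(response_b64).decode().partition(" ")
    secret = users.get(user)
    if secret is None:
        return False
    return hmac.compare_digest(cram_md5_response(challenge_b64, user, secret), response_b64)


if __name__ == "__main__":
    hdr = basic_header("mrose", "tanstaaf")
    print("Basic on the wire:", hdr, "-> recovered:", basic_recover(hdr))
    greeting = "+OK POP3 server ready <1896.697170952@dbc.mtview.ca.us>"
    d = apop_digest(apop_timestamp(greeting), POP_USERS["mrose"])
    print("APOP on the wire: APOP mrose", d, "-> accepted:", apop_verify(greeting, "mrose", d, POP_USERS))
    r = cram_md5_response(CRAM_CHALLENGE, "tim", IMAP_USERS["tim"])
    print("CRAM-MD5 on the wire:", r, "-> accepted:", cram_md5_verify(CRAM_CHALLENGE, r, IMAP_USERS))
```

Two things to notice when running it: basic_recover gets the password straight back, which is the "easily decoded" point in the NCSA text, while apop_verify and cram_md5_verify both need the cleartext secret on the server, which is the shared-secret drawback Dan Stromberg mentions. Neither digest scheme does anything for the mail body; only an SSL wrapper or an ssh tunnel covers that.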
Horms wrote:
> I don't know a lot about IMAP but my understanding is that
> you can enable capabilities, if the server and client allow
> that will provide an encrypted session.
> Sounds like SSL (see below).
Graham Mainwaring wrote:
> IMAP also sends the plain text password across the network. However, it is
> possible to do IMAP-over-SSL (as well as POP-over-SSL) and get it to
> work with at least some mail clients. You do this using a tool called
> sslwrap on the server side. Alternatively, you might be able to do
> something with ssh port forwarding.
Alan Mead wrote:
> APOP encrypts passwords but not data.
> I'm not sure if IMAP encrypts the data; it is designed to offer more
> secure email connections than POP. However I think SSL is a better
> choice; make everything web-based and accessed through a secure
> web server. They'll need a root cert. from your cert. authority.
> That probably means your
> clients will be forced to have a recent versions of IE or Navigator.
> imap does not seem to be any more secure than regular pop
> (as I feared).
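Several replies in this thread turn on what the server advertises: Horms' "capabilities", the CRAM-MD5 support Christian Hammers lists, and his remark that APOP and CRAM-MD5 only keep the password off the wire. Here is an added example (not code from the page or from any of the servers named on it) that reads an IMAP CAPABILITY line and classifies the session: is the cleartext password exposed, is the mail content exposed, and what the fix is. The CAPABILITY lines in SAMPLES are constructed, not captured from a real host; the mechanism names are the standard SASL ones.

```python
"""Audit what an IMAP server's CAPABILITY line says about password exposure.

Added example, not code from the page or from any server it names. The
CAPABILITY lines under SAMPLES are constructed, not captured from a host."""
import re

# SASL mechanisms that never send the password itself (challenge/response or tickets).
CHALLENGE_RESPONSE = {"CRAM-MD5", "DIGEST-MD5", "GSSAPI", "KERBEROS_V4",
                      "SCRAM-SHA-1", "SCRAM-SHA-256"}
# Mechanisms that carry the cleartext password inside the session.
CLEARTEXT_MECHS = {"PLAIN", "LOGIN"}


def parse_capabilities(line: str) -> set:
    """Accept an untagged '* CAPABILITY ...' reply or a greeting that carries
    '[CAPABILITY ...]' and return the upper-cased token set."""
    m = re.search(r"CAPABILITY\s+([^\]\r\n]*)", line, re.IGNORECASE)
    if not m:
        raise ValueError("no CAPABILITY data in: " + line.strip())
    return {tok.upper() for tok in m.group(1).split()}


def audit(line: str, session_is_tls: bool) -> dict:
    """Classify the exposure of password and mail content for one session."""
    caps = parse_capabilities(line)
    mechs = {c[len("AUTH="):] for c in caps if c.startswith("AUTH=")}
    cr = sorted(mechs & CHALLENGE_RESPONSE)
    # The LOGIN command is allowed unless the server says LOGINDISABLED (RFC 2595);
    # AUTH=PLAIN and AUTH=LOGIN expose the password just the same.
    cleartext_auth = "LOGINDISABLED" not in caps or bool(mechs & CLEARTEXT_MECHS)
    if session_is_tls:
        verdict = "encrypted session: password and mail content both protected"
    elif cleartext_auth:
        verdict = "cleartext password accepted: use an SSL wrapper or ssh tunnel"
    elif cr:
        verdict = "password protected by challenge/response only; mail content still in the clear"
    else:
        verdict = "plaintext login refused; client must STARTTLS before authenticating"
    return {
        "starttls": "STARTTLS" in caps,
        "challenge_response": cr,
        "password_exposed": cleartext_auth and not session_is_tls,
        "content_exposed": not session_is_tls,
        "verdict": verdict,
    }


# Constructed samples: (label, CAPABILITY line, whether the session is already inside SSL/TLS)
SAMPLES = [
    ("stock imapd on port 143", "* CAPABILITY IMAP4rev1 AUTH=CRAM-MD5\r\n", False),
    ("imapd with LOGINDISABLED on port 143",
     "* OK [CAPABILITY IMAP4rev1 STARTTLS LOGINDISABLED] ready\r\n", False),
    ("same imapd behind an SSL wrapper on port 993", "* CAPABILITY IMAP4rev1 AUTH=PLAIN\r\n", True),
]

if __name__ == "__main__":
    for label, line, tls in SAMPLES:
        print(f"{label}: {audit(line, tls)['verdict']}")
```

The third sample is the sslwrap/stunnel arrangement from the replies below: the daemon itself still offers a cleartext mechanism, but because the wrapper terminates SSL before the bytes reach it, audit() reports nothing exposed.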
SOLUTIONS TO EMAIL SECURITY
Thread 1: Eudora may not support SSL wrapper type of IMAP communications.
Blair Lowe wrote:
> Where exactly is the setting for Eudora, or does it just work?
Jakub Skopal wrote:
> consider using SSL wrapper for your IMAP, it'll provide on-the-fly
> encryption.
> Most of the current mail-readers support it (on windows Microsoft
> Outlook * as
> well as Netscape, Eudora supports it as well, afaik, on linux, there's
> an easy way how to set-up a wrapper so every application can access it in
> ordinary way :_)
Don't know, but now I double-checked at eudora's website and they say they have no support for SSL... I believe that there can be some sort of wrapper made as well, don't know any :-| I just knew somebody who had been using it, but don't know how he had managed to get it to work...
Thread 2: sslwrap
Jamie Beverly wrote:
> sslwrap has some nice packages that encrypt POP, SMTP, and IMAP, there was
> a post to this group a few months ago that had full instructions to set it
> up and get it running, if you need a hand, drop me a line.
Ed Padin wrote:
> You can use SSL for IMAP as well as POP mail access. There's two nice SSL
> wrappers I know of for linux machines. sslwrap and stunnel. They act as a
> front end to any imap, pop or html server so that you can use the SSL
> protocol for the service. The popular IMAP clients usually support IMAP over
> SSL. This gives you a fully encrypted link where passwords and content
> cannot be sniffed.
Stephen Peters wrote:
> I think IMAP gives you the same problems.
[ie. clear text passwords]
>
> One thing you might consider is installing SSLeay and sslwrap. This
> allows you to wrap POP, IMAP (or other protocols) under SSL, so that
> the communication is encrypted. Many common mail clients (even
> Netscape, MSIE, and Outlook) support the SSL connections natively.
> I've got this working once -- using Netscape or Outlook to access
> my home IMAP server over SSL.
Jakub Skopal wrote:
> Blair Lowe wrote:
> A note to the readers, I believe that SSLeay IS open_ssl.
> openssl is based on SSLeay, but sure, it has the same interface so
> programs written for SSLeay should work with openssl without change...
Florian Helbing wrote:
> You can use SSL-Encrypted IMAP. Netscape can connect to SSL IMAP.
> Unfortunately I don't know of any other MUA who can.
> On the server you just need to use the ssl-wrapper which encrypts the data
> the imap-server send or receives. We use it here at the network I am working
> at and it performs quite nicely.
Michael H. Warfield wrote:
> My suggestion would be to go with SSL encrypted imap (imaps).
> It's a well known service allocated to port 993 by IANA and can be set
> up with an ssl wrapper like edssl, ssl-proxy, stunnel, or sslwrapper on
> your server. Fetchmail now has SSL patches included in the source, you
> just have to obtain OpenSSL for the SSL libraries
> themselves. Even Exchange, Outlook, and Netscape support SSL encryption
> on either or both POP and IMAP.
Tomas Revesz wrote:
> i'm not sure that standard imap has anything built in security-wise but
> i'm quite happily running ssl wrapped imap on two of my Red Hat boxes and
> it wasn't a tremendous pain to set it up. it gives you encrypted login
> and viewing of your mail. i've tried netscape, outlook express, and
> outlook 97/2000 as clients and they all seem to work great. you
> basically need 3 pieces.
>
> an imap server (i use the uwash server that came with Red Hat)
> openssl 0.9.4 http://www.openssl.org or you can find an rpm for it at
> www.rpmfind.net pretty easily and sslwrap which i got from http://www.rickk.com/sslwrap/
>
> i used this page as a reference and even though there are some
> differences in the software, it gives you the basic idea of how to set
> this up. http://www.dtcc.edu/cs/admin/notes/ssl/
>
> if you want more detailed info, let me know and maybe i'll finally
> motivate myself to write up a how-to on my full set-up.
>
> I am sure that the readers of this email list and anyone else would be tickled with a HOWTO.
Kurt Seifried wrote:
> Blair Lowe wrote:
> Yes this works for all the normal OS's such as Linux and Windows,
> but don't you need winstun or something for a windows implementation
> (which does not exist for apple clients).
>
> Most email clients have built in support for SSL (outlook, netscape
> do). Simply goto security settings, secure imap.
Bruce Elrick wrote:
> You could try using IMAP over SSL. Both Netscape and MS Outlook support
> this. I've installed sslwrap, which negotiates the SSL layer and forwards
> the connection to the loopback.
>
> e.g.
> have port 993 (imaps) open with sslwrap opened through inetd:
> /etc/inetd.conf:
> imaps stream tcp nowait ssl /usr/sbin/tcpd
> /usr/sbin/sslwrap -cert /var/lib/ssl/certs/server.pem -port 143
>
> which accomplishes
> client using imaps (imap over ssl) --> internet -->
> --> your server public IP port 993 -->
> --> sslwrap (started by inetd) -->
> --> your server loopback IP port 143 --> imapd (started by inetd)
>
> You can have your firewall block 143 (except on loopback if your imaps
> server is your firewall) and let through 993 to your public IP address.
Excellent!
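Bruce Elrick's chain (imaps on 993 in from the Internet, SSL stripped on the server, plaintext IMAP only ever on the loopback) written out as a small program, as an added example that is not sslwrap's, stunnel's or the page's own code. It assumes a PEM file holding the server certificate and key at CERT_FILE (a placeholder path) and an imapd already listening on 127.0.0.1:143; the port numbers are the ones the reply uses. The relay() core is exercised offline by loopback_check() over socket pairs with constructed IMAP traffic, so the forwarding logic can be checked without a certificate.

```python
"""A minimal TLS-terminating wrapper in the sslwrap/stunnel style: accept
IMAPS on the public side, decrypt, and relay to a plaintext imapd that
listens only on the loopback address, so port 143 never needs to be exposed.

Added example, not the page's, sslwrap's or stunnel's own code. Assumes a
PEM file holding certificate and key at CERT_FILE (placeholder path) and an
imapd already listening on 127.0.0.1:143; the port numbers are the page's."""
import selectors
import socket
import ssl
import sys
import threading

CERT_FILE = "/path/to/server.pem"   # placeholder: server certificate + private key, PEM
LISTEN = ("0.0.0.0", 993)           # public side: imaps (IANA port 993)
BACKEND = ("127.0.0.1", 143)        # loopback side: plaintext imapd


def _forward(src: socket.socket, dst: socket.socket, bufsize: int = 4096) -> int:
    """Move what is readable on src to dst; return bytes moved, 0 on EOF.
    A TLS socket may have decrypted more than select() can see, so drain pending()."""
    moved = 0
    while True:
        data = src.recv(bufsize)
        if not data:
            return moved
        dst.sendall(data)
        moved += len(data)
        if not (isinstance(src, ssl.SSLSocket) and src.pending()):
            return moved


def relay(a: socket.socket, b: socket.socket) -> int:
    """Shuttle bytes both ways until either side closes; return total bytes moved."""
    total = 0
    with selectors.DefaultSelector() as sel:
        sel.register(a, selectors.EVENT_READ, b)
        sel.register(b, selectors.EVENT_READ, a)
        while True:
            for key, _ in sel.select():
                moved = _forward(key.fileobj, key.data)
                if moved == 0:
                    return total
                total += moved


def _handle(ctx: ssl.SSLContext, raw: socket.socket, peer) -> None:
    """One client: TLS handshake on the public side, plain TCP to imapd, then relay."""
    try:
        with ctx.wrap_socket(raw, server_side=True) as tls, \
                socket.create_connection(BACKEND) as backend:
            relay(tls, backend)
    except (ssl.SSLError, OSError) as exc:
        print(f"{peer}: {exc}", file=sys.stderr)
    finally:
        raw.close()


def serve() -> None:
    """Accept loop, one thread per connection (inetd starts sslwrap the same way)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.load_cert_chain(CERT_FILE)
    with socket.create_server(LISTEN) as listener:
        while True:
            raw, peer = listener.accept()
            threading.Thread(target=_handle, args=(ctx, raw, peer), daemon=True).start()


def loopback_check() -> tuple:
    """Offline self-test of relay() over two socketpairs with constructed IMAP
    traffic; returns (what imapd saw, what the client saw)."""
    client, front = socket.socketpair()     # stands in for the decrypted TLS side
    back, imapd = socket.socketpair()       # stands in for the loopback side
    worker = threading.Thread(target=relay, args=(front, back), daemon=True)
    worker.start()
    client.sendall(b"a001 CAPABILITY\r\n")                        # constructed command
    seen_by_imapd = imapd.recv(1024)
    imapd.sendall(b"* CAPABILITY IMAP4rev1\r\na001 OK done\r\n")  # constructed reply
    seen_by_client = client.recv(1024)
    client.close()                          # EOF reaches relay(), which returns
    worker.join(timeout=5)
    for s in (front, back, imapd):
        s.close()
    return seen_by_imapd, seen_by_client


if __name__ == "__main__":
    serve()
```

Run it as root (or with CAP_NET_BIND_SERVICE) so it can bind 993, and keep the firewall rule from the reply: 143 blocked from outside, 993 open. The wrapper does no authentication of its own; it only moves the SSL boundary in front of an unchanged imapd, which is why Shawn Tagseth's point below ("you don't have to replace your IMAP daemon") holds.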
Shawn Robinson wrote:
> You can use SSL (authenticated & encrypted) with SMTP, POP, and IMAP
> protocols. As for IMAP and POP, you may want to tunnel them to your
> existing servers with 'stunnel'.
> http://www.stanton.dtcc.edu/stanton/cs/admin/notes/ssl
Eugene Kanter wrote:
> Use ssl proxy. Netscape communicator works just fine. I guess
> openssl.org?
Thread 3: stunnel
Iain Wade wrote:
> All major clients (Outlook, Outlook Express, Netscape Messenger)
> support IMAP over an SSL tunnel.
>
> You can achieve this using the SSLeay and stunnel packages very
> easily.
>
> I cannot recall where I found a nice little FAQ which described the
> process, but I'm sure a few altavista searches will get you there.
>
> This is what I use and it seems ok so far.
Kurt Seifried wrote:
> [snip] get
> OpenSSL, compile/install it, install a server cert., then get stunnel
> (ftp.zedz.net, in the replay directory, Red Hat, i386), install that
> and ssl wrap imap:
>
> simap stream tcp nowait root /usr/sbin/stunnel imapd -l
> imapd
Right on. Now I know more about stunnel.
Shawn Tagseth wrote:
> If your clients that connect to the IMAP server are using netscape or
> Outlook ( Express), both of them support IMAPS. You can set up an
> ssl-imap wrapper so that everything over the Internet travels IMAP-SSL,
> hits your linux box, gets decrypted and then redirected to IMAP on
> localhost. I've only tested it and not rolled it out. The best part
> about it is that you don't have to replace your IMAP daemon.
>
> You'll need openSSL http://www.openssl.org
> and a wrapper (I've used sslwrap, but I've heard good things about
> stunnel as well)
> http://www.openssl.org/related/apps.html
>
> If you need to send messages you can set up the wrapper to handle SMTPS
> as well. Although if ALL your mail is going back out to the internet
> the overhead is wasted.
Petr Sulla wrote:
> You could use sslwrap or stunnel over a SSL connection, it works very nice
> for me with both POP and IMAP.
> Just search for sslwrap and stunnel at www.freshmeat.net.
>....
> I just came across a much better source:
>
> http://security.fi.infn.it/tools/stunnel/index-en.html
I (Blair) found the stunnel download hard to get, but eventually got it.
Thread 4: Outlook Express
alex wrote:
> JP Vossen wrote:
> On Wed, 8 Dec 1999, Blair Lowe wrote:
>
> Ideally we would like a secure (e-mail) system that is accessible from any
> laptop anywhere on the net.
>
> How about OWA using SSL (Outlook Web Access for Exchange 5.x (OWA is free from MS))
> using SSL on IIS? If you use Exchange, this is great, because you can
> get your mail from any place that has an SSL browser, WITHOUT having to have
> any other software (e.g. VPN software, IMAP client, etc.) installed on the
> client machine. However, it is a bit tricky to install.
>
> Off topic.
John Walker wrote:
> Thanks for a great list of info! I had the following observation when
> reading it. I don't think this really helps you, but there did seem to
> be a misconception expressed.
>
> Blair Lowe wrote:
> True that Outlook Web Access is probably not available for LINUX,
> someone may have a LINUX laptop that connects to an NT server.
>
> I don't like the idea of running public Internet mail on Exchange, but
> in the LAN with a firewall in front of it, I think it has some valuable
> tools. I'm not too sure about the authentication phase, but Netscape
> Navigator *will* suffice to connect over SSL to the IIS application this
> person refers to.
Thread 5: Zmailer
Shawn Robinson also wrote:
> For SMTP, I'd suggest a native implementation, but you could tunnel it
> also. Zmailer (http://www.zmailer.org) is an SMTP server that recently
> introduced SSL SMTP that supports clients such as Netscape Communicator,
> and Outlook Express.
Thread 6: IMP: a web based email server
Peter H. Lemieux wrote:
> How about IMP, a Web IMAP client written in php4, running on an Apache-SSL
> server?
>
> IMP: http://www.horde.org/imp/
> PHP: http://www.php.net
>
> You can read and send mail, attach files, manage folders, keep an
> address book, and use LDAP servers, all over the web. Not only would the
> authentication session be encrypted by SSL, so would the contents of the
> messages viewed.
> If you're uncomfortable leaving the message store on a publicly accessible
> machine, you can put it behind your firewall and point IMP at it through
> some kind of tunnel.
>
> If you want to be able to use an IMAP client that runs on the laptop, there
> is a standard port assignment (993) for secure IMAP using SSL/TLS. I know
> Netscape Communicator supports this, and I think MS Outlook does, too. You
> might want to look at one man's experience trying to construct an
> UW-IMAP+SSL server at http://www.terry.dtcc.edu/stanton/cs/admin/notes/ssl/.
Thread 7: IPSec
Dean Thompson wrote:
> You may want to investigate the SSL protocol to ensure you have an encrypted
> session when reading mail. Other than SSL, you may be able to use a system
> like IPSec to encrypt data on the network (although this requires a specific
> gateway encrypting all the traffic).
Thread 8: Kerberos, KPOP AND gss
Christopher Lindsey wrote:
> Blair.Lowe wrote:
> How about kpop? Anybody hear of this? it is some sort of kerberos
> security scheme, I think.
> Yes, it's Kerberos-based. We use a patched Qualcomm POP server that
> authenticates against our KDC. The user obtains a ticket on their
> remote system, then authenticates with those credentials against the
> POP server (until they expire).
>
> Coupled with POP-before-SMTP authentication it works pretty well for
> us.
>
> This isn't terribly useful unless you're using Kerberos for other
> things. I like to use it in my company so that we have a single
> password base that's usable by secure Web transactions, email,
> ftp, logins, etc.
Michael H. Warfield wrote:
> Blair Lowe wrote:
> We are wondering if anyone knows the security features of IMAP.
>
> Yeah, virtually none unless you add features like kerberos or gss.
Aaron M. Ucko wrote:
> KPOP is a variant of POP3 that uses Kerberos 4 authentication rather
> than plain text password exchange. Aside from that, it is just like
> normal POP3; the messages travel in the clear, with neither encryption
> nor integrity protection. Only a handful of clients support KPOP, but
> they include Emacs movemail (when compiled suitably), fetchmail
> (ditto), and at least some versions of Eudora. Any program that can
> be convinced to run an external movemail (Unix Netscape, for instance)
> can also be pointed at a suitable binary.
>
> Along these lines, there are also variants of IMAP that use krb4 and
> krb5. However, they have relatively limited support; the only clients
> that I know deal are Gnus 5.8 (with the help of Cyrus imtest) and
> fetchmail. On the other hand, fetchmail support can be all you need
> in many situations, and there's bound to be a suitable version of
> movemail floating around somewhere.
>
> Needless to say, all of these protocols require you to have set up a
> suitable Kerberos realm. The comp.protocols.kerberos FAQ
> <http://www.nrl.navy.mil/CCS/people/kenh/kerberos-faq.html> should
> have more information on how to do so.
Matthew B. Henniges wrote:
> You could use pop over ssl.
>
> There are several ssl proxies that can add ssl support to a non ssl server,
>
> stunnel, bjorb, and sslproxy come to mind.
>
> Some people report problems with outlook express's ssl support though...
Anyone know any links to bjorb?
Legal
This page is written by Blair Lowe and all parties listed in Acknowledgements.
Copyright © Computer Engineering Inc. All rights reserved.
The latest version of this document is available here. There are no additional commercial use, redistribution, or other restrictions imposed by me except to include this legal and acknowledgements section if you copy this document. There is no warranty. We make no guarantees that the recommendations above are secure. Use at your own risk.
If you have comments, flames, or suggestions, send a note to email_security@compeng.net. Thanks!
For more information about our products and services, please phone us at (780) 239-8494 (within Edmonton, Alberta, Canada), (403) 998-8494 (within Calgary, Alberta, Canada), (306) 717-7709 (Saskatoon), (416) 993-7027 (Toronto) 1-877-968-7626 or 1-877-807-0777 (toll free within North America).