On 4/14/2016 6:52 AM, Rich Kulawiec wrote:
On Wed, Apr 13, 2016 at 08:35:54PM -0700, Jay Hennigan wrote:
It also sounds like the recipient is in all cases being asked to
click on a link in email which is likely to be from an unknown
sender (to avoid DMARC issues). This is a potential malware vector.
Agreed: it's also a spyware/tracking/surveillance vector, *and* it's a
worst practice in mail system engineering. Users should never need a
web browser (in any sense of that term) in order to read their email.
---rsk
Keep in mind this isn't "Normal" e-mail. This is a way to send encrypted
mail. Yes I know there are other methods. Sharing keys and using
encrypted/decrypt plugins. However that method is also difficult when
you have a lawyer sending a regular internet user something that needs
to be encrypted. Most end users simply don't know how to deal with that.
Along the same lines would be to have encryption/decryption setup on
appliances like a Sophos UTM for both the sender and receiver. This
really only works with enterprises talking to known other enterprises
that get this configured.
Could do a encrypted PDF which might work better. I know some mail
server will not deliver encrypted pdf's.
I do know that many hospitals, banks etc. Do use this type of encryption
to e-mail the client and basically tell them to log into there web
portal to view the encrypted e-mail.
What other options are our there for sending encrypted e-mails?
Sincerely,
Mark
_______________________________________________
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
