On 2018-01-07 09:32 AM, Stephen Satchell wrote:
> After reading all the responses, and reading the reference links about
> Microsoft Smartscreen, I have a really stupid question:

Not stupid at all. I'll limit my answer because of the off-topic nature of the question. Let me know if you are interested to know more, off-list.

> Have you considered encrypting your e-mail traffic?

Yes. Clients do not buy in.

> You are a lawyer. The contents of your mail could be considered
> sensitive, especially if exposure of the mail could materially affect
> the legal status of your clients.

You are romanticizing the profession, or at least holding me for more than I am. I don't represent political activists or do other high-stakes legal work. I do transactions, corporations, taxes, and most information has a very short half-life.

> By encrypting your mail, you
> instantly remove the idea that the message you are sending is "bulk" in
> any way, because the methods used to encrypt email involve key-pairs
> specific to you and your client. Using public keys to encrypt, only the
> secret private key can be used to decrypt -- and Microsoft wouldn't have
> access to the secret keys.

I am familiar with encryption and I see all the benefits you are touting. Your comment made me wonder whether something simpler, such as encoding the email in base64, would be enough to deter Microsoft from deep inspection? Does anybody have experience with the treatment of base64 encoded emails?

> Hmmm....need to experiment. Could I write a milter for PostFix that
> would (1) detect the message body is in plaintext, (2) the recipient
> address has a public key listed in the key servers, and (3) encrypt the
> body of the message.

Neat idea. Not sure if the recipient will like that, though. I am as guilty as my clients on the convenience vs confidentiality tradeoff. Last time I received encrypted emails I was annoyed at the delay for the decrypted message to appear in Thunderbird's preview pane every time I was moving up/down the message list.

I understand the design decision not to store the unencrypted message at destination, but I still do not like it, also because of the risk of not being able to decrypt it in the future. I'd rather decrypt incoming messages once, then encrypt all of the storage with my own keys, but I have not found anything that works like that.

Yuv
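
The base64 question and step (1) of the quoted milter idea (detecting whether a body is still plaintext), as an added example that is not part of the original thread: Python's standard email parser reverses base64 transfer encoding without any key, so anything that parses MIME reads the same text, while a PGP body is recognisable by its MIME type or armor header. The addresses, sample bodies and function names are constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

PGP_ARMOR = "-----BEGIN PGP MESSAGE-----"

def build_sample(body, cte):
    """Build a constructed test message (placeholder addresses)."""
    msg = EmailMessage()
    msg["From"] = "sender@example.org"
    msg["To"] = "client@example.com"
    msg["Subject"] = "Draft agreement"
    msg.set_content(body, cte=cte)  # cte: "7bit" or "base64"
    return msg.as_bytes()

def filter_view(raw):
    """Return (is_pgp_encrypted, text readable without any key)."""
    msg = message_from_bytes(raw, policy=policy.default)
    # PGP/MIME (RFC 3156) wraps the ciphertext in multipart/encrypted.
    if msg.get_content_type() == "multipart/encrypted":
        return True, ""
    # get_content() reverses base64 / quoted-printable transfer encoding.
    text = "\n".join(part.get_content() for part in msg.walk()
                     if part.get_content_maintype() == "text")
    # Inline PGP shows up as an armor header inside a text part.
    if PGP_ARMOR in text:
        return True, ""
    return False, text

# Constructed sample bodies.
BODY = "Please review the indemnification clause before Friday.\n"
ARMORED = PGP_ARMOR + "\n\nPLACEHOLDERCIPHERTEXT\n-----END PGP MESSAGE-----\n"

if __name__ == "__main__":
    for label, raw in [("7bit", build_sample(BODY, "7bit")),
                       ("base64", build_sample(BODY, "base64")),
                       ("inline PGP", build_sample(ARMORED, "7bit"))]:
        encrypted, text = filter_view(raw)
        print(f"{label:10} encrypted={encrypted} readable={text.strip()!r}")
```

The base64 message hides the keyword only from a naive byte search of the raw message; the parsed view is identical to the 7bit one.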