Encryption between mail servers
teancum144
Member Posts: 229 ■■■□□□□□□□
in Security+
Which of the following protocols is used for encryption between email servers?
A. TLS
B. L2TP
C. S/MIME
D. PPTP
The answer is "A". Why couldn't it be "B" or "D" (e.g. using IPSec)?
If you like my comments or questions, you can show appreciation by clicking on the reputation badge/star icon near the lower left of my post.
Comments
-
teancum144 Member Posts: 229 ■■■□□□□□□□
Additionally, some sources say S/MIME can be used to encrypt messages between servers. Is the reason this is unlikely due to the burden of managing certificates?
-
ptilsen Member Posts: 2,835 ■■■■■■■■■■
L2TP and PPTP do not provide encryption on their own, and therefore are not valid answers. IPSec is not implied with either, even though in practice L2TP generally rides over IPSec. S/MIME does not encrypt transmission, which is implied with "between mail servers".
Of these, TLS is the only protocol prescribed specifically for encrypted transmission between mail servers, and therefore is the only valid answer.
-
cyberguypr Mod Posts: 6,928 Mod
As ptilsen said, only one answer. S/MIME is eliminated first as it is not a protocol and the question asks for this specifically. L2TP and PPTP do not provide inherent encryption. That leaves TLS, which natively provides encryption.
-
paul78 Member Posts: 3,016 ■■■■■■■■■■
For mail server to mail server communications - you probably know that the protocol used is SMTP (Simple Mail Transfer Protocol). The SMTP protocol includes an extension defined in RFC 3207 which is used to encrypt communications between mail servers. The actual standard is commonly called STARTTLS, which uses TLS as the authentication and encryption mechanism.
The way that it works can be described in this conversation between 2 mail transfer agents (MTA).
MTA A> [Opens TCP connection on port 25 to MTA B]
MTA B> [Accepts connection from MTA A]
MTA B> receiver.mail.server SMTP ready
MTA A> EHLO sender.mail.server
MTA B> 250 Hey there
MTA A> STARTTLS
MTA B> 220 Go ahead
MTA A> [Starts the TLS negotiation]
The other choices in the question are not natively supported by the SMTP protocol.
-
teancum144 Member Posts: 229 ■■■□□□□□□□
Very helpful answers. Thanks to all who contributed.
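The STARTTLS exchange paul78 walks through above, turned into a check a mail administrator can run over session transcripts; this is an added example, not part of the original thread. The `250-STARTTLS` capability lines and the `454` refusal follow RFC 3207, and the transcripts, the mail address and the function name `audit_session` are constructed for illustration.

```python
# Added example: did STARTTLS (RFC 3207) protect the mail transaction?
# Transcripts are constructed samples: ("S" = server, "C" = client).

def audit_session(transcript):
    """Return 'encrypted', 'offered-but-unused' or 'not-offered'."""
    offered = pending = tls = False
    for side, line in transcript:
        if side == "S":
            # EHLO replies list one capability per "250-..." / "250 ..." line.
            if line[:3] == "250" and line[4:].strip().upper() == "STARTTLS":
                offered = True
            if pending:  # reply to the client's STARTTLS command
                tls = line.startswith("220")
                pending = False
            continue
        verb = line.split(None, 1)[0].upper() if line.strip() else ""
        if verb == "STARTTLS":
            pending = True
        elif verb == "MAIL":
            break  # envelope starts; whatever state we are in now applies
    if tls:
        return "encrypted"
    return "offered-but-unused" if offered else "not-offered"

GREETING = [("S", "220 receiver.mail.server SMTP ready"),
            ("C", "EHLO sender.mail.server")]
MAIL = [("C", "MAIL FROM:<alice@sender.example>")]  # constructed address

UPGRADED = GREETING + [
    ("S", "250-receiver.mail.server"), ("S", "250 STARTTLS"),
    ("C", "STARTTLS"), ("S", "220 Go ahead"),
    ("C", "EHLO sender.mail.server"), ("S", "250 receiver.mail.server"),
] + MAIL
# Server never advertises STARTTLS; an opportunistic client sends in cleartext.
NOT_OFFERED = GREETING + [("S", "250 Hey there")] + MAIL
# Server advertises STARTTLS but answers 454 (TLS temporarily unavailable).
REFUSED = GREETING + [
    ("S", "250-receiver.mail.server"), ("S", "250 STARTTLS"),
    ("C", "STARTTLS"), ("S", "454 TLS not available"),
] + MAIL

if __name__ == "__main__":
    for name, t in [("upgraded", UPGRADED), ("not offered", NOT_OFFERED),
                    ("refused", REFUSED)]:
        print(f"{name:12} -> {audit_session(t)}")
```

Any result other than `encrypted` means the envelope and message crossed the link in cleartext, which is the case to alert on when a peer is expected to support TLS.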