Encryption between mail servers

teancum144

Which of the following protocols is used for encryption between email servers?

A. TLS
B. L2TP
C. S/MIME
D. PPTP

The answer is "A". Why couldn't it be "B" or "D" (e.g. using IPSec)?

teancum144

Additionally, some sources S/MIME can be used to encrypt messages between servers. Is the reason this is unlikely due to the burden of managing certificates?

ptilsen

L2TP and PPTP do not provide encryption on their own, and therefore are not valid answers. IPSec is not implied with either, even though in practice L2TP generally rides over IPSec. S/MIME does not encrypt transmission, which is implied with "between mail servers".

Of these, TLS is the only protocol prescribed specifically for encrypted transmission between mail servers, and therefore is the only valid answer.

cyberguypr

As ptilsen said, only one answer. S/MIME is eliminated first as it is not a protocol and the question asks for this specifically. L2TP and PPTP do not provide inherent encryption. That leaves TLS which natively provides encryption.

paul78

For mail server to mail server communications - you probably know that the protocol used is SMTP (Simple Mail Transfer Protocol). The SMTP protocol includes an extension defined in RFC3207 which is used to encrypt communications between mail servers. The actual standard is commonly called STARTTLS which uses TLS as the authentication and encryption mechanism.

The way that is works can be described in this conversation between 2 mail transfer agents (MTA).

MTA A> [Opens TCP connection on port 25 to MTA B]
MTA B> [Accepts connection from MTA A]
MTA B> receiver.mail.server SMTP ready
MTA A> EHLO sender.mail.server
MTA B> 250 Hey there
MTA A> STARTTLS
MTA B> 220 Go ahead
MTA A> [Starts the TLS negotiation]

The other choices in the question are not natively supported by the SMTP protocol.

teancum144

Very helpful answers. Thanks to all who contributed.