about_customblogblog_customclosedocumenteliemenuphotos_custompublications_customsearch_newsmiletoolsvideos_custom
close-normalfacebookgoogleinstagramlinkedinlocationmailredditrsstagtwitteryoutube

Neither Snow Nor Rain Nor MITM . . . An Empirical Analysis of Email Delivery Security

The SMTP protocol is responsible for carrying some of users’ most intimate communication, but like other Internet protocols, authentication and confidentiality were added only as an afterthought. In this work, we present the first report on global adoption rates of SMTP security extensions, including: STARTTLS, SPF, DKIM, and DMARC. We present data from two perspectives: SMTP server configurations for the Alexa Top Million domains, and over a year of SMTP connections to and from Gmail. We find that the top mail providers (e.g., Gmail, Yahoo, and Outlook) all proactively encrypt and authenticate messages. However, these best practices have yet to reach widespread adoption in a long tail of over 700,000 SMTP servers, of which only 35% successfully configure encryption, and 1.1% specify a DMARC authentication policy. This security patchwork— paired with SMTP policies that favor failing open to allow gradual deployment— exposes users to attackers who downgrade TLS connections in favor of cleartext and who falsify MX records to reroute messages. We present evidence of such attacks in the wild, highlighting seven countries where more than 20% of inbound Gmail messages arrive in cleartext due to network attackers.

IMC 2015

Share this paper on your favorite social network.

Stay in touch

Join the 35K awesome readers community!

or

Recent

Be in the Know

Join thousands of readers who receive my latest blog posts in their inbox.
 
No spam I promise and you can unsubscribe anytime.
Elie Bursztein © 2017
Papers
Blog
Tools
Photos
About Me

Recent entries