How to Require TLS for Outbound SMTP Connections with MDaemon
-
@BRRABill said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@scottalanmiller said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@Dashrender said in How to Require TLS for Outbound SMTP Connections with MDaemon:
He's not even worried about that - he's worried about his nuke selfies getting in the hands of hackers when they hack O365 because he emailed his nude selfies to his wife.
Which they will get if you used SendFile or email, because they will be saved to someone's desktop in either case.
SendFile would be web-based. Your favorite!
So?
-
@Dashrender said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@scottalanmiller said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@Dashrender said in How to Require TLS for Outbound SMTP Connections with MDaemon:
He's not even worried about that - he's worried about his nuke selfies getting in the hands of hackers when they hack O365 because he emailed his nude selfies to his wife.
Which they will get if you used SendFile or email, because they will be saved to someone's desktop in either case.
LOL exactly!
Just like the nudes in Apple's iCloud. all those celebs. The transmission from the phone to iCloud was secure via TLS, but hacking (OK really password guessing) allowed hackers to gain access to their account where the photos were stored unencrypted (or even if they were encrypted, they were decrypted by the same apple ID and password) and bam hackers have your nudes.
But that was all hacking of accounts, not a flaw in the system.
-
@Dashrender said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@BRRABill said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@Dashrender said
In a business setting he is correct. You have a BAA with the company. It's that company's responsibility to ensure their internal staff is doing the right thing, not yours. You're only responsibiliy in HIPAA here is to not transit the data over a public connection unencrypted.
I agree with this now.
Still ain't sending my nudie pics. (HYPOTHETICAL. NO ONE WOULD WANT TO SEE THEM TRUST ME.)
The believe that anything short of fully encrypting the files (a la GPG) will prevent your pictures from being hacked is crazy.. it's like thinking snap chat will prevent your nudes from getting out there. Someone can screen capture the screen, or take a picture with another camera... bam again your picture are out there!
And even GPG... it's normally stripped on receipt. So like TLS, it generally vanishes instantly and automatically. The file cannot be viewed unless it is decrypted. So the encryption is guaranteed to be removed at some point.
-
@Dashrender said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@BRRABill said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@scottalanmiller said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@Dashrender said in How to Require TLS for Outbound SMTP Connections with MDaemon:
He's not even worried about that - he's worried about his nuke selfies getting in the hands of hackers when they hack O365 because he emailed his nude selfies to his wife.
Which they will get if you used SendFile or email, because they will be saved to someone's desktop in either case.
SendFile would be web-based. Your favorite!
So?
So there is no need for local download.
-
@BRRABill said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@Dashrender said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@scottalanmiller said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@Dashrender said in How to Require TLS for Outbound SMTP Connections with MDaemon:
He's not even worried about that - he's worried about his nuke selfies getting in the hands of hackers when they hack O365 because he emailed his nude selfies to his wife.
Which they will get if you used SendFile or email, because they will be saved to someone's desktop in either case.
LOL exactly!
Just like the nudes in Apple's iCloud. all those celebs. The transmission from the phone to iCloud was secure via TLS, but hacking (OK really password guessing) allowed hackers to gain access to their account where the photos were stored unencrypted (or even if they were encrypted, they were decrypted by the same apple ID and password) and bam hackers have your nudes.
But that was all hacking of accounts, not a flaw in the system.
it wasn't even hacking - it was guessing passwords - if you call that hacking, ok fine.. I don't.. but whatever.
I agree, it wasn't from a flaw in Apple's Security, it was a flaw in the person picking a password that was easy to guess for others.
-
@BRRABill said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@Dashrender said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@BRRABill said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@scottalanmiller said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@Dashrender said in How to Require TLS for Outbound SMTP Connections with MDaemon:
He's not even worried about that - he's worried about his nuke selfies getting in the hands of hackers when they hack O365 because he emailed his nude selfies to his wife.
Which they will get if you used SendFile or email, because they will be saved to someone's desktop in either case.
SendFile would be web-based. Your favorite!
So?
So there is no need for local download.
There's not? So any data minipulation that the receiving party needs to do to that data can all be done on sharefile's servers? sharefile integrates directly into whatever EHR is in use and can just access the data at will?
This seems unlikely. The data will almost assuredly need to be pulled out of sharefile and used in some other place. i.e. you send an Excel file via sharefile to the client... they probably don't have Excel online integrated into sharefile - so they would have to download the file and then edit it on their desktop, etc.
-
@Dashrender said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@BRRABill said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@Dashrender said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@BRRABill said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@scottalanmiller said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@Dashrender said in How to Require TLS for Outbound SMTP Connections with MDaemon:
He's not even worried about that - he's worried about his nuke selfies getting in the hands of hackers when they hack O365 because he emailed his nude selfies to his wife.
Which they will get if you used SendFile or email, because they will be saved to someone's desktop in either case.
SendFile would be web-based. Your favorite!
So?
So there is no need for local download.
There's not? So any data minipulation that the receiving party needs to do to that data can all be done on sharefile's servers? sharefile integrates directly into whatever EHR is in use and can just access the data at will?
This seems unlikely. The data will almost assuredly need to be pulled out of sharefile and used in some other place. i.e. you send an Excel file via sharefile to the client... they probably don't have Excel online integrated into sharefile - so they would have to download the file and then edit it on their desktop, etc.
Again, you guys were discussing nude pictures.
Yeah, for real business data you would need to download.
But so would you for e-mail.
Except now I know you downloaded it.
-
@BRRABill said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@Dashrender said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@BRRABill said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@scottalanmiller said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@Dashrender said in How to Require TLS for Outbound SMTP Connections with MDaemon:
He's not even worried about that - he's worried about his nuke selfies getting in the hands of hackers when they hack O365 because he emailed his nude selfies to his wife.
Which they will get if you used SendFile or email, because they will be saved to someone's desktop in either case.
SendFile would be web-based. Your favorite!
So?
So there is no need for local download.
If there is no need for anyone to see it, why send it at all? The most secure file is one that never existed in the first place.
-
@Dashrender said in How to Require TLS for Outbound SMTP Connections with MDaemon:
it wasn't even hacking - it was guessing passwords - if you call that hacking, ok fine.. I don't.. but whatever.
Social Engineering is classified as hacking. Always has been, even before hacking was a computer term.
-
@Dashrender said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@BRRABill said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@Dashrender said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@BRRABill said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@scottalanmiller said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@Dashrender said in How to Require TLS for Outbound SMTP Connections with MDaemon:
He's not even worried about that - he's worried about his nuke selfies getting in the hands of hackers when they hack O365 because he emailed his nude selfies to his wife.
Which they will get if you used SendFile or email, because they will be saved to someone's desktop in either case.
SendFile would be web-based. Your favorite!
So?
So there is no need for local download.
There's not? So any data minipulation that the receiving party needs to do to that data can all be done on sharefile's servers? sharefile integrates directly into whatever EHR is in use and can just access the data at will?
This seems
unlikelyimpossible.FTFY
-
@BRRABill said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@Dashrender said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@BRRABill said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@Dashrender said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@BRRABill said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@scottalanmiller said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@Dashrender said in How to Require TLS for Outbound SMTP Connections with MDaemon:
He's not even worried about that - he's worried about his nuke selfies getting in the hands of hackers when they hack O365 because he emailed his nude selfies to his wife.
Which they will get if you used SendFile or email, because they will be saved to someone's desktop in either case.
SendFile would be web-based. Your favorite!
So?
So there is no need for local download.
There's not? So any data minipulation that the receiving party needs to do to that data can all be done on sharefile's servers? sharefile integrates directly into whatever EHR is in use and can just access the data at will?
This seems unlikely. The data will almost assuredly need to be pulled out of sharefile and used in some other place. i.e. you send an Excel file via sharefile to the client... they probably don't have Excel online integrated into sharefile - so they would have to download the file and then edit it on their desktop, etc.
Again, you guys were discussing nude pictures.
Even pictures, if you want to display them, they have to be downloaded. SendFile or any service like that can't show you the images remotely and not have them downloaded to the local machine, it's physically impossible.
-
@scottalanmiller said
If there is no need for anyone to see it, why send it at all? The most secure file is one that never existed in the first place.
I want to go into a forest and contemplate this sentence for a bit.
-
@BRRABill said in How to Require TLS for Outbound SMTP Connections with MDaemon:
Except now I know you downloaded it.
I know that in either case. In one case, though, I know to whom I made the connection and sent the file. In the other I have to trust a third party that I gave the file to that they did or did not give it to the right person.
-
@scottalanmiller said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@BRRABill said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@Dashrender said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@BRRABill said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@scottalanmiller said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@Dashrender said in How to Require TLS for Outbound SMTP Connections with MDaemon:
He's not even worried about that - he's worried about his nuke selfies getting in the hands of hackers when they hack O365 because he emailed his nude selfies to his wife.
Which they will get if you used SendFile or email, because they will be saved to someone's desktop in either case.
SendFile would be web-based. Your favorite!
So?
So there is no need for local download.
If there is no need for anyone to see it, why send it at all? The most secure file is one that never existed in the first place.
I live by this.
-
@travisdh1 said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@scottalanmiller said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@BRRABill said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@Dashrender said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@BRRABill said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@scottalanmiller said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@Dashrender said in How to Require TLS for Outbound SMTP Connections with MDaemon:
He's not even worried about that - he's worried about his nuke selfies getting in the hands of hackers when they hack O365 because he emailed his nude selfies to his wife.
Which they will get if you used SendFile or email, because they will be saved to someone's desktop in either case.
SendFile would be web-based. Your favorite!
So?
So there is no need for local download.
If there is no need for anyone to see it, why send it at all? The most secure file is one that never existed in the first place.
I live by this.
Yup, if no one wants to see you naked, don't take the pictures!
Is that what you meant?
-
@scottalanmiller said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@travisdh1 said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@scottalanmiller said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@BRRABill said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@Dashrender said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@BRRABill said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@scottalanmiller said in How to Require TLS for Outbound SMTP Connections with MDaemon:
@Dashrender said in How to Require TLS for Outbound SMTP Connections with MDaemon:
He's not even worried about that - he's worried about his nuke selfies getting in the hands of hackers when they hack O365 because he emailed his nude selfies to his wife.
Which they will get if you used SendFile or email, because they will be saved to someone's desktop in either case.
SendFile would be web-based. Your favorite!
So?
So there is no need for local download.
If there is no need for anyone to see it, why send it at all? The most secure file is one that never existed in the first place.
I live by this.
Yup, if no one wants to see you naked, don't take the pictures!
Is that what you meant?
Well, there was 1 person who liked seeing me naked....
Just in general. If it's not documented, it can't be "found".
-
I don't know why I didn't think of this right away. Must not have had my morning coffee yet, but MDaemon has a feature that allows you to specify which hosts or IPs require the use of STARTTLS. It's located under Security | Security Settings | SSL & TLS | STARTTLS Required List.
-
@brad_altn said in How to Require TLS for Outbound SMTP Connections with MDaemon:
I don't know why I didn't think of this right away. Must not have had my morning coffee yet, but MDaemon has a feature that allows you to specify which hosts or IPs require the use of STARTTLS. It's located under Security | Security Settings | SSL & TLS | STARTTLS Required List.
So how would you use that setting to accomplish what we want?
-
@brad_altn said in How to Require TLS for Outbound SMTP Connections with MDaemon:
I don't know why I didn't think of this right away. Must not have had my morning coffee yet, but MDaemon has a feature that allows you to specify which hosts or IPs require the use of STARTTLS. It's located under Security | Security Settings | SSL & TLS | STARTTLS Required List.
Cool, is there a way to specify "all"? Being able to list some is definitely a good start, though.
-
@scottalanmiller Not yet, but I believe this functionality may be in the works for a later release.