segmentation fault

Email (In)security

There is no such thing as secure email. Email is an inherently insecure protocol, conceived at a time when security was an afterthought. There are fundamental flaws with email that cannot be mitigated by slapping encryption on top.

Problems with…

Email Authentication

Sender Policy Framework (SPF) is a protocol used to authorize the mail transfer agents allowed to send mail on behalf of a domain. However, SPF alone is almost useless in protecting against spoofing, as it is designed to protect against forged envelope senders and not the forged headers shown in clients.

DomainKeys Identified Mail (DKIM) is an email authentication protocol meant to prove that an email originates from a specific domain by utilizing asymmetric cryptography. The server generates a key pair and publishes the public key in a DNS record. The body and certain email headers are hashed and signed, and the resulting signature is added to the message as an email header.

Domain-based Message Authentication, Reporting and Conformance (DMARC) solves some of these problems by letting domain owners define a policy for the enforcement of SPF and DKIM and the handling of email authentication failures. DMARC alignment ensures the domain in the RFC5322.From address aligns with the SPF domain or the DKIM domain tag and is an essential part of spoofing protection.
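
The following is an added example, not code from the original post, showing why an SPF pass alone says nothing about the visible From header and how DMARC alignment closes that gap. The function names, the tiny `PUBLIC_SUFFIXES` set (a stand-in for the full Public Suffix List) and the sample messages are constructed assumptions.

```python
from email.utils import parseaddr

# Constructed stand-in for the Public Suffix List (assumption); use the real PSL in production.
PUBLIC_SUFFIXES = {"com", "net", "org", "co.uk"}

def org_domain(domain):
    """Organizational domain: the longest matching public suffix plus one label."""
    labels = domain.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            return ".".join(labels[max(i - 1, 0):])
    return ".".join(labels[-2:])

def aligned(from_domain, auth_domain, mode):
    """mode 's' = strict (exact match), 'r' = relaxed (same organizational domain)."""
    a, b = from_domain.lower().rstrip("."), auth_domain.lower().rstrip(".")
    return a == b if mode == "s" else org_domain(a) == org_domain(b)

def dmarc_evaluate(from_header, spf, dkim, aspf="r", adkim="r"):
    """spf: (result, RFC5321.MailFrom domain); dkim: list of (result, d= domain).
    Returns (passed, reason). A pass needs one mechanism that both passes and aligns."""
    _, at, from_domain = parseaddr(from_header)[1].rpartition("@")
    if not at or not from_domain:
        return False, "no usable RFC5322.From domain"
    spf_result, mailfrom = spf
    if spf_result == "pass" and aligned(from_domain, mailfrom, aspf):
        return True, "spf aligned with " + mailfrom
    for result, d in dkim:
        if result == "pass" and aligned(from_domain, d, adkim):
            return True, "dkim aligned with d=" + d
    return False, "no aligned pass for " + from_domain

# Constructed samples: (From header, SPF result, DKIM results).
SAMPLES = {
    "spoofed: SPF passes, but for another domain":
        ("Billing <billing@example.com>", ("pass", "bounce.example.net"), []),
    "legitimate: relaxed SPF alignment":
        ("Billing <billing@example.com>", ("pass", "bounce.example.com"), []),
    "forwarded: SPF fails, aligned DKIM survives":
        ("Billing <billing@example.com>", ("fail", "list.example.org"),
         [("pass", "example.com")]),
}

if __name__ == "__main__":
    for name, (hdr, spf, dkim) in SAMPLES.items():
        print(name, "->", dmarc_evaluate(hdr, spf, dkim))
```

In the first sample SPF reports a pass, yet the message fails DMARC because the passing domain is not the one shown to the recipient.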

Transport Encryption

Email was not designed with encryption in mind, so when it came time to introduce encryption for message transfer, someone said STARTTLS looked good.

There are plans to mitigate this, primarily with MTA-STS and DANE.

Email Encryption

OpenPGP, the de facto standard for email encryption, has numerous problems. Encrypted emails also do not protect metadata such as the sender, recipient, and timestamps, something modern messengers like Signal have addressed with features such as sealed sender.

Mailbox Encryption

Providers using mailbox encryption can be legally compelled to disable encryption of new incoming email. Users should not rely on mailbox encryption to conceal the contents of their emails from their provider.

Conclusion

All of these security mechanisms are optional, which highlights a fundamental flaw in how email services operate. Basic steps such as requiring encryption for all messages will sever communications with entire swaths of providers, and email authentication support is still lackluster on most providers.

Avoid Email.