Generally, privacy minded citizens vouch for a translation of the secrecy of correspondence of traditional letter to e-mail. In this proposal, e-mail is commonly compared to traditional letters. However, e-mail is from a technological point of view better comparable to postcards. Nevertheless, secrecy of correspondence can be seen as a more general secrecy of communication.

E-mail is the digital replacement for traditional mail. In all its implementations, envelopes and letters appear to visualise the analogy that has been made between traditional letters and their digitalised counter parts. Although this analogy proves to be rather apt, like most analogies in the digital world, this has some flaws in it.

On Digital Post Offices and Mailboxes
The analogy of the distribution system of the postal services fits surprisingly well to the situation of e-mail. When you send an e-mail, you put it into the outgoing mailbox of your Internet Service Provider, which is comparable to putting it in the mailbox down the street. At this point, your provider will sent this mail either directly or through a number of intermediate e-mail servers to the receiver’s mailbox at the side of his provider. Once again, this can be compared very well to the nationwide network of distribution centres the postal services have. Finally, when the receiver opens his mailbox, it is like he is checking his post office box.

Although most people expect e-mail to be private, it is commonly sent in the clear. Even when you secure your delivery at the mailbox using Transport Layer Security, the methods of delivery between the mailbox and the various intermediate hubs are out of your control. For this reason, e-mail messages generally have no end-to-end secrecy. Furthermore, all intermediate providers have access to your message. This is why postcards prove to be a better analogy for e-mail.

E-mail Forgery Is Rather Easy
Given the clearness and transparent fashion in which e-mail is sent, one can imagine that forgery is not very hard. Actually, this is very similar to normal letters, where I can really write any return address on my letter. Comparably, I can pretend to send from any e-mail address I want.

There are some simple countermeasures to prevent easy spamming. To give an example, one of these measures consist of verifying with the owner of the domain name in the e-mail address whether the originating IP address is authorised. However, this is typically the kind of measure that stops spammers that go for the low hanging fruit, and not a method to stop forgeries made by attackers with deeper malicious intentions.

Encryption: the Digital Envelop
This is where e-mail encryption enters the scene. By encrypting your message, only the receiver can read the contents of your mail, as if there is a sealed envelop around the message. In other words, e-mail encryption is what can make e-mail like letters instead of postcards. This even has the added benefit that opening a letter is rather easy, although you would probably notice this.

Nowadays, two standards for e-mail encryption are popular: S/MIME and PGP. The former is easier to install, uses the traditional certification infrastructure of the Internet and is quite popular in business environments where confidentiality is important. The latter is the traditional default, provides the best trust infrastructure and is popular with the open source and privacy community. Nevertheless, setting up PGP – most commonly, the open source implementation GPG – is not easy at all.

E-mail as Postal Service
In the end, e-mail really is like traditional postal services. Nevertheless, the perceived confidentiality and integrity of digital letters is largely overrated. For this reason, e-mail encryption should become more popular. On the other hand, the fact that e-mail is, from a technological perspective, not very private at all, should not be a reason to have no secrecy of digital correspondence, which is a legal issue, and not a technological affair.

Leave a Reply

Your email address will not be published. Required fields are marked *