In the world of the Internet, technology is constantly changing. The SMTP technology behind email, however, has not changed much since it was first released a very long tine ago. Despite the invention of SMTP SMARTTM to solve this problem, most emails are still unencrypted, and thus open to a man in the middle hack. Luckily though, a team of engineers from Microsoft, Google, Yahoo, Comcast, and other leading companies have been working on a proposal which would cut out the middle man hacker
The proposal which has been submitted to the Internet Engineering Task Force attempts to protect against hackers who want to intercept or modify emails. Under the proposal, when sending emails to a domain that supports SMTP STS, a technology will automatically check if the email’s destination supports encryption and if the email’s certificate is valid. Essentially, this will ensure that your email is talking to the right server. In the event that anything is seen as invalid, the email should fail to deliver and then tell the user why.
The full proposal is available here, and it contains a wealth of technical information on how the technology would work. If the proposal does succeed, it will finally ensure that the communications in email are safe and secure.Further reading: Email, Microsoft, Security