Government agencies and large business will presumably be the first to make extensive use of electronic mail, followed by small businesses and private individuals. When this starts to happen, it will become increasingly desirable to have fast, efficient cyphers to safeguard information from electronic eavesdroppers.
– Martin Gardner; Scientific American; Mathematical Games; August 1977.
Related information is provided in the sections on Internet security, remailers, viruses, and email viruses. This page focuses on the primary risk to the security of email: compromise of confidentiality and disclosure of your messages. The following subsections provide information on email filtering, web email vulnerabilities, the reaper exploit, and email encryption.
Filtering. Most countries have specific legal protections that prevent Governments and individuals from opening and reading your paper mail. Unfortunately, few countries have yet provided the same protections for electronic mail, which gives individuals, companies, and the state lots of legal room to read your email.
As a practical matter, your email can be easily read by people working in your company’s or Internet service provider’s computer department, and by the computer services department at the email’s destination. Email can also be read at any of the many routers along the path your email takes to get to its destination. However, unless you are the subject of a legal investigation, it is unlikely that anyone will ever actually intercept and read your email, if only because of the sheer volume — there are far too many thousands of emails passing through each email server and Internet router for anyone to realistically read more than a small fraction of them, even if they wanted to.
Nevertheless, it is possible that either the source computer, destination computer, or some intervening router could have a program configured to automatically copy any email that contains certain keywords for later human review. For example, your company may filter and copy email that contains important keywords like “Financial” or “Project Venus”. The computers at other companies receiving your email may have similar filters in place on mail coming into their network from the Internet.
In many countries the laws also allow police departments to put a filtering computer into Internet Service Provider network facilities that trap email from or to certain individuals or containing certain keywords, so that your email might get caught up in one of these vacuums.
It is particularly common for companies to monitor email that contains adult content. There have been many cases of employees being fired for sending email with adult content, such as adult jokes, when the company specifically had a policy in place against it.
Web email. There is an unexpected vulnerability to confidentiality of personal information with some web based email services. When you click a link on a web page, the HTTP protocol sends the URL of the current page to the new page. Therefore, if you access your email through a web based email service and click on a link in an email, the URL of the current web page is passed to the new page. This can cause unexpected compromise of personal information with web email services that put account information in the URL of the web page, since this information is transmitted to the server of any third party web page you access through your web email account. This information can include your email address, login ID, and even your actual name. In most cases the information can’t be used to actually access your web email account, since most services have implemented password and other protections, but it can reveal more personal information than is available through other normal web communications. Some actual examples logged by the LivingInternet server are shown below, where the identifying portions in bold have been slightly changed to protect the innocent. These were captured in 2002, and the sites may be more secure today.
If you are concerned about this risk, take a look at your URL when using web email, and if it has identifying data, then then instead of clicking on a link in your email, manually copy and paste it from the email into your browser’s location field, which is a clean jump with no sending web page to transmit personal data.
Reaper exploit. Email confidentiality can also be compromised by macro viruses like the reaper exploit, where the virus waits in the background and sends your reply or forward of an email back to the hacker, and then travels with your email to divulge copies of replies or forwards by the recipients back to the hacker as well. This term is used mainly as an historical reference because it sounds cool, and less because it is in common current use.
Encryption. Encrypting email is the only way to guarantee its confidentiality in transit. The most widely used method of email encryption is Pretty Good Privacy which integrates directly with your email application. There have also been a range of web based technologies that provide various email delivery security features (historically including Hushmail.com, Securedelivery.com, Ziplip.com, and Zixmail.com.)
The following document provides some historical information on email encryption: RFC 2634; P. Hoffman; Enhanced Security Services for S/MIME; June 1999.