EmailDiscussions.com  

Go Back   EmailDiscussions.com > Email Service Provider-specific Forums > FastMail Forum
Register FAQ Members List Calendar Search Today's Posts Mark Forums Read
Stay in touch wirelessly

FastMail Forum All posts relating to FastMail.FM should go here: suggestions, comments, requests for help, complaints, technical issues etc.

Reply
 
Thread Tools
Old 15 May 2017, 01:21 PM   #1
elvey
The "e" in e-mail
 
Join Date: Jan 2002
Location: San Francisco
Posts: 2,386
Question is outgoing mail to the kp.org domain normally opportunistically encrypted

Apropos Opportunistic SSL/TLS encryption on incoming emails --https://blog.fastmail.com/2009/04/16/opportunistic-ssltls-encryption-on-incoming-emails/
IIRC, there's also Opportunistic SSL/TLS encryption on OUTGOING emails. And I vaguely recall there was a some kind of post showing the fraction of mail that is actually encrypted at some point (I haven't tried to find it...)

My question is, is outgoing mail to the kp.org domain normally encrypted? I'm considering sending email there (to the records department -- oak-roi@<that domain> ) and will not do it if it isn't, and don't have a good way to message the department if I can't email it. I've been admitted to the hospital and will be here for at least another week. (The alternative is to resort to faxing with an internet fax service, which is arguably slightly less or more secure than unencrypted email.)

I'm not worried about STARTTLS downgrade attacks
-- http://www.emaildiscussions.com/showthread.php?t=71133&highlight=smtp+encryption
.

If anyone from fastmail can check the logs to answer this question, I'd appreciate it. I suppose I can open a support request, but the answer could be generally useful, so I'm asking here.
elvey is offline   Reply With Quote

Old 15 May 2017, 01:31 PM   #2
n5bb
Intergalactic Postmaster
 
Join Date: May 2004
Location: Irving, Texas
Posts: 8,221
I suggest using their secure message service. See:
https://share.kaiserpermanente.org/a...-care-quality/

Bill
n5bb is offline   Reply With Quote
Old 15 May 2017, 04:29 PM   #3
elvey
The "e" in e-mail
 
Join Date: Jan 2002
Location: San Francisco
Posts: 2,386
Quote:
Originally Posted by n5bb View Post
I suggest using their secure message service. See:
https://share.kaiserpermanente.org/a...-care-quality/

Bill
It's not available to former members.

They lock you out - no access to online records. Awful if it's unexpected, as was the case with me.

But as a member, it's great to be able to email your doctors and pharmacist, etc and get replies securely!

Last edited by elvey : 16 May 2017 at 12:47 AM.
elvey is offline   Reply With Quote
Old 16 May 2017, 12:44 PM   #4
brong
The "e" in e-mail
 
Join Date: Jul 2004
Location: Melbourne, Australia
Posts: 2,658

Representative of:
Fastmail.fm
2017-05-15T03:50:24.281947-04:00 gateway1 postfix-out/smtp[2091062]: Trusted TLS connection established to mail2.kp.org[162.119.233.53]:25: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
2017-05-15T03:50:26.208210-04:00 gateway1 postfix-out/smtp[2091062]: 789442086A: to=<oak-roi@[...]

Yes, they are.
brong is offline   Reply With Quote
Old 17 May 2017, 12:47 AM   #5
elvey
The "e" in e-mail
 
Join Date: Jan 2002
Location: San Francisco
Posts: 2,386
Thanks BronG!

Emailed 'em. Turns out they have a secure email system that kicks in when they reply.
It's separate from the usual one for current members, but lets me reply securely. It says you have a reply, click here to set up an account so you can read the message, and doing so drops me into a web app that supports replies, etc.
elvey is offline   Reply With Quote
Old 6 Jun 2017, 07:15 AM   #6
elvey
The "e" in e-mail
 
Join Date: Jan 2002
Location: San Francisco
Posts: 2,386
BronG, can you check ucsf.edu too?
elvey is offline   Reply With Quote
Old 6 Jun 2017, 07:33 AM   #7
brong
The "e" in e-mail
 
Join Date: Jul 2004
Location: Melbourne, Australia
Posts: 2,658

Representative of:
Fastmail.fm
gateway2 postfix-out/smtp[2967920]: Trusted TLS connection established to cuda.ucsf.edu[64.54.247.181]:25: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)

yep, they all look like this.
brong is offline   Reply With Quote
Old 9 Jun 2017, 03:05 AM   #8
elvey
The "e" in e-mail
 
Join Date: Jan 2002
Location: San Francisco
Posts: 2,386
Cool, thanks. Kind of a weird way to ensure security, but weirdly effective.

And for others, note that if you can look at the email headers, you can see whether the connection was encrypted. E.g. from the header of a message I received:

Received...
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
elvey is offline   Reply With Quote
Old 31 Aug 2017, 08:50 AM   #9
elvey
The "e" in e-mail
 
Join Date: Jan 2002
Location: San Francisco
Posts: 2,386
BronG, can you check dmhc.ca.gov too?
elvey is offline   Reply With Quote
Old 31 Aug 2017, 09:02 AM   #10
brong
The "e" in e-mail
 
Join Date: Jul 2004
Location: Melbourne, Australia
Posts: 2,658

Representative of:
Fastmail.fm
(Elvey - this was your email to them)

2017-08-28T21:05:01.140957-04:00 gateway2 postfix-out/smtp[1605279]: Trusted TLS connection established to dmhc-ca-gov.mail.protection.outlook.com[216.32.181.42]:25: TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)
brong is offline   Reply With Quote
Old 2 Sep 2017, 01:27 AM   #11
elvey
The "e" in e-mail
 
Join Date: Jan 2002
Location: San Francisco
Posts: 2,386
Quote:
Originally Posted by brong View Post
(Elvey - this was your email to them)

2017-08-28T21:05:01.140957-04:00 gateway2 postfix-out/smtp[1605279]: Trusted TLS connection established to dmhc-ca-gov.mail.protection.outlook.com[216.32.181.42]:25: TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)
Thanks. ( Pleasant surprise to see Microsoft got with the program on this. I would hazard a guess that all connections to MX that resolve to *.mail.protection.outlook.com are normally opportunistically encrypted. )
elvey is offline   Reply With Quote
Reply


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Forum Jump


All times are GMT +9. The time now is 12:19 PM.

 

Copyright EmailDiscussions.com 1998-2013. All Rights Reserved. Privacy Policy