安全的電子郵件要怎麼建立

電子郵件是—種用電子手段提供信息交換的通信方式，是互聯網應用最廣的服務。接下來小編爲大家整理了安全的電子郵件要怎麼建立，希望對你有幫助哦!

Unencrypted messages can be hijacked in transit and read or the mail is not digitally signed，you can't be sure where it came from.

未加密的信息可能在傳輸中被截獲、偷看或竄改。如果郵件不是數字簽名的，你就不能肯定郵件是從哪裏來的。

There are many options for securing e-mail，all with a few strengths and probably more weaknesses.

確保電子郵件的安全有多種選擇，它們都有些長處，但有可能存在更多弱點。

Let's take care of the easy re/Multipurpose Internet Mail Extensions(S/MIME)should be the message encryption and digital signature format because it's the accepted standard and is built into leading e-mail clients such as Microsoft Outlook 98/2000 and Lotus Notes a standard such as S/MIME only takes you so vendor has implemented its own interpretation of S/MIME，which makes interoperability drawback is exacerbated by the emergence of S/MIME Version 3 in the newest e-mail clients，which again could create interoperability issues.

讓我們先關注一下容易做的決定，安全/多用途因特網郵件擴展(S/MIME)應該是信息加密和數字簽名的格式，因爲它是已被認可的標準，被做進了主要的電子郵件客戶端軟件中，如微軟的Outlook 98/2000和蓮花公司的Notes R5。迄今爲止，你只能用S/MIME一類的標準。每家供應商都有自己對S/MIME的解釋，這就引出 了互用性問題，最新的電子郵件客戶端軟件中S/MIME三版的出現，加重了這個缺陷，它再次可能帶來互用性問題。

The path of least resistance is to get an e-mail security gateway， which is analogous to a firewall for y message going in or out pases through the gateway，allowing security policies to be enforced (where and when messages can be sent)，virus checking to be performed，and messages to be signed and encrypted. One drawback of the gateway approach is that it doesn't provide user-based example，the gateway encrypts outbound messages so recipients can verify they came from your company，but recipients can't prove from whom they came.

阻力最小的道路就是採用電子郵件安全網關，它相當於電子郵件的防火牆。進出的每一條信息都要經過網關，網關可以實施安全政策(信息在何 時向何地發送)、執行病毒檢查並給信息簽名和加密。這種網關方法的一個缺陷就是它不 能提供基於用戶的安全性。例如，網關對向外發的信息進行加密，因而接收方能驗證它 們來自你的公司，但接收方不能證明它們來自哪個人。

Client-based methods use your private key to sign messages(proving it came from you)，which is a more granular level of security，but they have weaknesses as need to be configured on each desktop，which includes issuing a digital certificate to each user (for encryption and digital signature)，and ensuring that a proper security profile is configured within the e-mail client.

基於客戶端的方法採用你私人密鑰來簽署信息(證明它出自於你)，這是更細化的安全等級，但它們也有弱點。它們需要配置到每個桌面系統，包括向每個用戶發數字證書(用於加密和數字簽名)，並確保在每個電子郵件客戶端都配置了合適的安全配置文件。

There are also a number of Web-based secure mail services that keep all messages within their environment at all times to ensure use a secure site on the Internet to compose a you hit“Send”，the site encrypts and stores the message on its site，and sends the recipient an e-mail notification that a secure message is recipient links to the site， provides a shared secret for authentication，and accesses the message via Secure Sockets Layer. Unfortunately，this method does not work with existing enterprise e-mail systems.

也有多種基於Web的安全郵件服務，這些服務在任何時候把所有信息都保持在它們的環境中，以確保安全性。你利用因特網上一個安全網站來 編寫信息，一旦你點擊了“發送”，網站就進行加密和把信息保存在該網站中，並向接收方發一份電子郵件通知，告訴他有一份安全的信息等他去接收。接收方鏈接到該網站，提供用於認證的共享祕密，通過安全入口層(SSL)訪問該信息。可惜，此方法不能與現有的企業電子郵件系統一起工作。

The stickiest issue is building a directory of digital directory holds the certificates needed to encrypt messages to a rnally，building the directory may not be a big deal because all certificates for a company can be published in a central Lightweight Directory Access Protocol server，but externally this causes many will need to establish an agreement with a recipient's organization to ensure access to the right digital process， however， creates more user training issues and adds complexity to e-mail communications.

最困難的問題是建立數字證書目錄。此目錄保存着向一名接收人發的信息進行加密所需的證書。從內部講，建目錄可能不是件大事，因爲一家公司的所有證書可以由中央簡化目錄訪問協議服務器頒發，但從外部講，這會引起很多問題。你需要與收件人所在組織達成協議，以確保訪問正確的數字證書。然而，這個過程會造成更多的用戶培訓問題以及增加電子郵件通信的複雜性。

Although there is technology available for secure e-mail， widespread deployment is still problematic. However，as more companies and regular e-mail users see the need to secure their messages，the use of digital certificates will one day become a transparent part of your everyday activities.

雖然已有技術可用於安全的電子郵件，但廣泛部署仍是個問題。然而，隨着更多的公司和普通電子郵件用戶看到了確保其信息安全的需要，終 有一天使用數字證書會變得透明，成爲你日常生活的一部分。