3

I'm trying to send emails to clients but securely as the contents will contain phone numbers and email addresses.

I want to use SES but I need to encrypt the contents of the email while it's in transit.

Apparently, S/MIME is an option. As per this documentation:

https://docs.aws.amazon.com/ses/latest/DeveloperGuide/security.html

I've looked into how to use it, but tutorials are just installing certificates in Outlook etc. This really isn't my area of expertise.

How do I go about ensuring the contents of my email are secure when sending it to clients programmatically? Once it reaches the inbox of the client and they can read it, I don't really care what happens to it. If there are better solutions, let me know, but it's got to be using SES.

Any help?

Jonathan M

1 Answer

1

S/MIME is for end-to-end public key encryption of the message. SES supports the HTTPS or TLS protocols for encryption of messages in transit. All programmatic calls would normally use those protocols.

Rodrigo Murillo
  • Sorry, what's the difference between end-to-end encryption and encryption of messages in transit? – Jonathan M Feb 13 '20 at 23:34
  • 1
    Thanks Rodrigo, I found this explaining it to me https://stackoverflow.com/questions/3907020/email-security-tls-and-s-mime _That the difference is No. TLS encrypts the communication channel. S/MIME encrypts the message. I.e., it's the difference between "talking openly on a secure line" and "talking in code on an insecure line."_ However, if there are many hops, what's to say that there will be hops that aren't using TLS? – Jonathan M Feb 14 '20 at 00:25
  • You bet. Good description. The main point is that in end-to-end, the sender himself would encrypt the message. With in-transit encryption, the sender sends the message in clear text, but it travels the wire encrypted. The recipient sees the message in clear text on receiving the message without the need to manually decrypt. Which is what you wanted in your scenario. – Rodrigo Murillo Feb 14 '20 at 05:18
  • In TLS, the entire transfer is secure, regardless of any intermediate hops – Rodrigo Murillo Feb 14 '20 at 05:23
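
The hop question raised in the comments can be checked on a delivered message, because each relay records the protocol it used in its `Received` header (RFC 3848 keywords such as `ESMTPS`). The following is an added example, not part of the original thread; the sample message and its host names are constructed, and `audit_hops` / `cleartext_hops` are hypothetical helper names.

```python
import email
import re
from email import policy

# RFC 3848 / RFC 6531 "with" keywords that indicate TLS was used on that hop.
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA", "UTF8SMTPS", "UTF8SMTPSA"}
WITH_RE = re.compile(r"\bwith\s+([A-Za-z0-9]+)", re.IGNORECASE)
FROM_BY_RE = re.compile(r"\bfrom\s+(\S+).*?\bby\s+(\S+)", re.IGNORECASE | re.DOTALL)

# Constructed sample message (hypothetical hosts); newest hop is listed first.
SAMPLE = """\
Received: from relay.example.net (relay.example.net [203.0.113.7])
 by mx.client.example with ESMTP id abc123
 for <client@client.example>; Fri, 14 Feb 2020 00:30:02 +0000
Received: from out.sender.example (out.sender.example [198.51.100.9])
 by relay.example.net with ESMTPS id def456
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256);
 Fri, 14 Feb 2020 00:30:01 +0000
Received: from app.sender.example (app.sender.example [192.0.2.10])
 by out.sender.example with ESMTPSA id ghi789;
 Fri, 14 Feb 2020 00:30:00 +0000
From: sender@sender.example
To: client@client.example
Subject: test

body
"""

def audit_hops(raw_message):
    """Return hops in travel order as (from_host, by_host, protocol, used_tls)."""
    msg = email.message_from_string(raw_message, policy=policy.compat32)
    hops = []
    for header in reversed(msg.get_all("Received", [])):
        text = " ".join(str(header).split())  # unfold continuation lines
        hosts = FROM_BY_RE.search(text)
        proto = WITH_RE.search(text)
        name = proto.group(1).upper() if proto else "UNKNOWN"
        hops.append((hosts.group(1) if hosts else "?",
                     hosts.group(2) if hosts else "?",
                     name, name in TLS_PROTOCOLS))
    return hops

def cleartext_hops(raw_message):
    """Hops whose Received header does not record a TLS protocol keyword."""
    return [hop for hop in audit_hops(raw_message) if not hop[3]]
```

`Received` headers are written by the relays themselves, so an earlier relay can forge or omit the keyword; treat the result as an indication of how a message travelled, not as proof.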