An architecture for end-to-end and inter-domain trusted mail delivery service

Common methods of e-mail delivery over the Internet is vulnerable to some significant security risks. In this study, a "trusted mail gateway" aiming at reliable and trusted end-to-end e-mail delivery is presented. The designed trusted mail gateway provides a domain with the basic security services that are message integrity, confidentiality, non-repudiation, origin authentication and availability while the message (e-mail) is being delivered through the Internet. It generates S/MIME digital signatures and performs S/MIME encryption on behalf of the domain using secret key cryptography and public-key techniques and generating cryptographic message syntax (CMS) data to provide origin authenticity, integrity and confidentiality. It applies anti-virus control and protection, spam filtering and content check to both incoming mails to the domain and outgoing mails from the domain to prevent attacks against availability. Trusted mail gateway also provides intra-domain security. It keeps e-mail messages in corresponding mailboxes as encrypted messages. Trusted mail gateway processes all the mails passing through and records processing results in a database as notary information. Moreover, it establishes trust relations with other registered trusted domains and exchanges notary information with them via a secure channel