FRAMINGHAM (03/09/2000) - Sendmail Inc., which offers the most popular e-mail routing engine on the Internet, is adding security features to its software that support a server-based approach to encrypted e-mail.
The company this week will introduce the Secure Switch line of message transfer agents (MTA), which are used to securely route e-mail. The upside for enterprise customers is that they can now encrypt e-mail at the server level and avoid having to issue digital certificates to individual users and train them to use encryption technology.
Many corporate users of e-mail systems such as Microsoft Exchange or Lotus Notes use a sendmail MTA, or gateway, to route their mail across the Internet.
Some 700,000 sendmail MTAs, many freeware versions of the software, are in use today on the Internet, according to a survey by reporting and analysis tool vendor Sirana Software.
Sendmail, which offers freeware and commercial versions of the MTA, is adding standards-based Transport Layer Security (TLS) to its product. Sendmail also is adding support for the Content Management API, which allows third-party products such as antivirus software and policy management tools to plug in to the MTA.
Secure Switch, which works with sendmail Version 8.10, will let e-mail administrators create a secure pipe up to 128-bit encryption to move their e-mail messages. The switch encrypts the transport tunnel instead of the message contents, creating a secure pipe similar to a virtual private network.
Administrators also can use TLS to support secure connections for mobile users.
The rub is that users on both sides of the encrypted tunnel must support TLS.
Besides Sendmail, Microsoft Exchange and Netscape Message Server support the protocol.
"Most companies don't need to encrypt every e-mail, so the questions are, do you use expensive encryption software with a subset of your users, and how do you fit that into your infrastructure," says Mark Levitt, an analyst with IDC in Framingham, Mass. "Sendmail allows enterprise users to upgrade a product they likely already have and make it more secure."
The software could find favor in large network environments, given that only 10% to 15% of enterprise e-mail users will have secure e-mail technology supported within their companies by 2001, according to a recent study from Gartner Group, a consulting firm in Stamford, Conn. The reason for this, the Gartner study says, is that encrypted e-mail is too difficult for end users to adopt and apply quickly.
"Secure Switch offers a dramatic increase in our security level, and we plan to promote it as a key part of the security we provide to our customers," says Phil Simmonds, director of technical marketing for Pilot Network Services, an ISP in Alameda, Calif.
The switch comes in three versions. Single Switch, which supports the Content Management API but not TLS; Secure Switch, which supports both the API and the encryption; and Multi Switch, which is aimed at large enterprise customers and includes centralized management and administration tools for use with multiple MTAs.
Single Switch is priced at $495, Secure Switch starts at $1,495 and Multi Switch starts at $4,495.