Email forwarding security

Dear all,

I do not know, if my topic matches exactly to the topic of this group,
but however, somebody might be able to help me.

A friend of mine has a server (linux based) and offered me to host my
domain including my email addresses. He offered me to forward the under
these addresses incoming emails automatically to my mailaccount
somewhere else. My question: I he in principle able to read the
forwarded emails without that I take notice of it?
If yes, then, would that be the same case with each other big
hosting/email provider which is forwarding emails?
If no, how could I take notice of it? Are there some changes in the
email headers?

Regards,
Christian Hendrich

On 8 Feb 2006 10:31:20 -0800, "Christian Hendrich"
<(E-Mail Removed)> wrote:

>Dear all,
>
>I do not know, if my topic matches exactly to the topic of this group,
>but however, somebody might be able to help me.
>
>A friend of mine has a server (linux based) and offered me to host my
>domain including my email addresses. He offered me to forward the under
>these addresses incoming emails automatically to my mailaccount
>somewhere else. My question: I he in principle able to read the
>forwarded emails without that I take notice of it?
>If yes, then, would that be the same case with each other big
>hosting/email provider which is forwarding emails?
>If no, how could I take notice of it? Are there some changes in the
>email headers?
>
>Regards,
>Christian Hendrich

It depends on how the forwarding is set up. Using the normal method,
which is to create a .forward file, then the message IMMEDIATELY gets
forwarded so it cannot normally be read on the forwarding computer.
Of course, nothing prevents a copy from being kept.

If the forwarding is done some other way, then yes he can read your
mail.

And the final answer is that yes, any competent person can intercept
your mail and no, you would never know. SMTP = "Simple Mail Transfer
Protocol" and SIMPLE is the keyword.

CAVEAT: The above is a generalization.
--
buck

Buck,

thanks a lot. This is actually the point: The server might be
configured to keep a copy before forwarding the mail, e.g. via some
systemwide procmailrc. This would be a quite easy to realize and I
would find out.

Do you know a forwarding solution, where just the mail header is
analized by the server, modified and then the content goes directly to
the final destination?

Probably one can only overcome the spy by encryption, e.g. with pgp or
gpg...

Regards,
Christian

Buck,

thanks a lot. This is actually the point: The server might be
configured to keep a copy before forwarding the mail, e.g. via some
systemwide procmailrc. This would be a quite easy to realize and I
would never find out.

Do you know a forwarding solution, where just the mail header is
analized by the server, modified and then the content goes directly to
the final destination?

Probably one can only overcome the spy by encryption, e.g. with pgp or
gpg...

Regards,
Christian

On 8 Feb 2006 16:12:04 -0800, "Christian Hendrich"
<(E-Mail Removed)> wrote:

>Buck,
>
>thanks a lot. This is actually the point: The server might be
>configured to keep a copy before forwarding the mail, e.g. via some
>systemwide procmailrc. This would be a quite easy to realize and I
>would find out.
>
>Do you know a forwarding solution, where just the mail header is
>analized by the server, modified and then the content goes directly to
>the final destination?

No, but it can't hurt to look around.

>Probably one can only overcome the spy by encryption, e.g. with pgp or
>gpg...
>
>Regards,
>Christian

I think you just answered our own question, except that you can't
insist that mail you receive be [gp]pg encrypted so only what you send
and what is properly replied to will be inscrutable.
--
buck

On Wed, 08 Feb 2006 10:31:20 -0800, Christian Hendrich wrote:

> Is he in principle able to read the forwarded emails
> without that I take notice of it?

It's not hard to set up a mail server to save a copy of any
email that passes through it. Your friend could easily read your email
without your ever being able to tell. If you want to ensure that your
email correspondence remains private, then you need to encrypt it.

Dan