CTO and engineering consultant Dave Olesen said that the idea of using open source software to build an email server that is fully encrypted is not just a new idea, but one that he believes could help secure the internet.
Olesens, who is the author of Secure Email, is the founder and CEO of the security consulting company CTP Engineering.
“When I started working on email, I always thought it would be really difficult to use open source tools for building secure email servers, because there was not a whole lot of experience to draw on,” Olesesen told Ars.
“We started by looking at existing tools and then we realized we could build a lot of the features that we wanted.”
Olesensen’s solution to the problem was to build his own email server with the same encryption, anonymity, and availability as existing servers built using open-source tools.
“For me, that was a good starting point,” Oesens said.
“I thought that was really interesting because you can build a really secure server that’s just a shell on top of the underlying technology.
You can create something that is completely secure without a single piece of software that can be compromised.”
Oesen used open-sourced tools to build the server and has used them to build some of the most popular email clients.
While it’s possible to build such a server in any open source tool, Olesena said that CTP’s solution makes it possible to write a secure and easy-to-use email client that can run on any operating system and that runs on any device.
He described the system as a hybrid of the open-spec email server and the modern, commercial-grade email server.
The open-Spec system uses an HTTP server that connects to the open source mail server, but the server itself is designed so that it is completely isolated from the rest of the operating system.
The server is not running on any of the third-party software and is not connected to the Internet.
The Open-Spec server is built using the Python language and has its own dedicated TCP port.
“You can write your own custom TCP server and it works exactly the same as the Open-spec server,” Oatesen said.
The CTP system is fully open source and uses Python to build its own server.
“It’s basically a fully-configured Python server that runs just like any other server.
It has a built-in TLS implementation, it has an internal key store, and it has a custom TCP implementation,” he said.
Python and the CTP framework are the main components of the CTSP project.
OLSEN’S DEVELOPMENT OF THE SYSTEM “We wrote a whole bunch of different Python modules for this project and we’re using them for all of our applications,” OLSen said, describing the work in detail.
“So it’s basically like building a whole suite of Python modules that you can use for building an email client.”
The modules used in the project include Python’s built-ins for HTTP and HTTP-like protocols such as HTTPS, SMTP, POP3, IMAP, FTP, SMTPS, and SMTP-only protocols.
OLESEN SAID IT WAS NOT HARD TO BUILD A SAFE AND EFFECTIVE MESSAGE SERVER “We did a lot with Python, but it’s not easy to build it, so I wanted to make it really easy to use and easy to modify,” Olsen said of his effort to create a secure, efficient email server based on the open spec system.
“If you were building a really robust email server, you would have to take the same steps you would take to build any other secure email client, which is to build one that can scale, has all the security features that a secure server has, and has a lot more flexibility than a secure mail client,” Oelsen said about building an efficient email client.
“This is a great way to do that because you’re not really building a server that can only be secure on the server side, you’re building one that’s going to be accessible from all your applications.”
OLSENS SECURITY DEVELOPER SAYS HE DOES NOT HATE IT WHEN IT’S SEEN AS “NOT HARD, BUT IT IS A GOOD WAY TO DO IT” Olesenos security developer, Scott Tipton, said that Olesenes approach to security is “very different from the openspec approach.”
OTSEN’T A FAN OF OPEN SPECS “I think it’s very nice, and I think it was a lot easier to build this system because of the simplicity of it,” Otsens said of the design of the system.
Tiptons background as a web developer led him to write an open-standard email client for iOS.
“The reason I chose that as my first client was because it was easier for me to work with and