Download - No one cares about your damn emails
No one cares about your
damn emails
The email scandal and a primer on email servers and clients…
In the following slides you will:
Learn about the Hillary email scandal from the beginning
See how it fits into Benghazi, the FBI, the Attorney General and Congressman Anthony
Weiner
Discover mail servers, ingoing and outgoing protocol, and security on the webmail server
What happened?
March 2015: We learned that Hillary Clinton used her family’s private email server
for official communications.
However, she was to use official State Department emails accounts on federal
servers
Those official communications on the private email server would retroactively be
marked classified
How does Benghazi fit in?
The email scandal unfolded as Clinton is beginning her presidential bid and
hearings are held at the House Select Committee on Benghazi
Some members of congress have said that her private messaging system
software and private server violated State Department protocols and
procedures, as well as federal laws and regulations on recordkeeping.
Clinton says that her use of personal email was in compliance with federal laws,
and that former secretaries of state also maintained personal email accounts.
However, she is the only one to use a private email server.
Some of the classified emails were about Benghazi.
How does the FBI fit in?
The FBI began an investigation regarding how classified information was held on the
Clinton server.
Of the emails on the server, 113 contains information that would have been classified,
including 65 “secret” and 22 “top secret”
Of these 113 emails, only three had markings to identify it as classified
Director James Comey suggests that Clinton was not “technically sophisticated” enough
to understand what the three classified markings meant.
Nearly 2,100 emails on the server were retroactively marked as Classified.
Government policy is that sensitive information should be considered and handled as
classified
The ultimate finding for the FBI
IN May 2016, the State Department’s Office of the Inspector General released an 83-page
report on the email practices of the State Department, including Hillary Clinton.
On July 5, 2016, Comey announced that although Hillary was “extremely careless” in her
email handling, there was no wrongdoing on her part..
The next day, Attorney General Loretta Lynch announced no charges would be filed.
Clinton /Loretta Lynch connection
On June 27, 2016, Bill Clinton held up a Phoenix flight for 20 minutes so he might have a little chat with Attorney General Loretta Lynch.
9 days later, she would decide not to file charges against Hillary Clinton
New attacks on October 28 lead to new
actions on the 29th (ongoing!)
FBI Director announces out of the blue that he was looking into a potential new batch of
messages from her private email server.
Clinton responds quickly and sharply, questioning his motives 11 days from the election,
calling it “strange and …deeply troubling.”
By Saturday, she is vocal, accusing the director of smearing with innuendo late in the race
and violating Justice Department Rules
These rules establish guidelines advising against such actions so close to an election.
The Weiner link
It just so happens that Congressman Anthony Weiner, known for his sexting
failures on Twitter, has a wife who happens to be a long time Hillary aide, Huma Abedin.
These new emails were found on Weiner’s computer, as it was being searched for
sexually explicit messages with a teenager
But we digress, how
email works
Some technical details
What is an email server?
A server is a computer that handles and delivers e-mail over a network, usually
over the Internet.
An email server can receive emails from their own “client” computers and
deliver to other mail servers. It can also deliver emails to “client” computers only
Think of an email server as a neighborhood mailman. Without email servers, you
could only send email to those in your domain (gmail.com, outlook.com)
Types of mail servers
Two types of mail servers: Outgoing mail servers and incoming mail servers.
Outgoing mail services are known as SMTP (Simple Mail Transfer Protocol servers)
Incoming mail servers can be POP3 (Post Office Protocol, Version 3, best for
storing send and archived messages on PCs local hard drive) or IMAP (Internet
Message Access Protocol) store copies of messages on servers. Since most POP3
servers can also store messages, it is more convenient than IMAP
Sending an Email
1. You compose the message and hit send.
2. Your email client (Outlook Express, Gmail, etc.) connects to your domain’s SMTP server.
giving it your email address, the recipient’s email address, the message body and
attachments
3. The SMTP server processes the recipient’s mail address. If it is the same domain, it is sent
directly to the domain’s POP3 or IMAP server.
4. If the domain is different, the SMTP will have to communicate with other domain servers
Continued…
Sending an email: next steps
6. The sender’s SMTP server has to communicate with the DNS (Domain Name Server). The DNS takes the email domain name and translates it into an ipaddress. NOTE: If the DNS server is down (as happened with the recent Cyber Attack), the emails will be lost (can’t find their domain).
7. Although technically the SMTP server knows the address, and therefore the SMTP server that hosts this domain, the message may be routed along a series of unrelated SMTP servers
8. The recipients SMTP server scans the message. If it recognizes the domain and username, it forwards the message along the POP3 or IMAP server. It is then put in a sendmail queue until the recipient’s email client allows it to be downloaded, where the message can then be read by the recipient.
It looks like this:
Email clients
Yahoo mail and Gmail are examples of web-based email clients. In this case, you are using a Webmail client, which is accessed through your Web Browser.
If you are using a specialized program NOT on the web, like Microsoft Outlook, and Thunderbird, you are using a specialized email client. You will use software to read and send emails from your computer. Unlike web-based, your emails are stored on your computer. You can also read messages you have already received without Internet connections.
Hillary Clinton had a Private email client.
The email process is complex. There are programs, such as Postfix and Microsoft Exchange that facilitate the email process behind the scenes. This is a useful program when you host your own server.
It is thought that Hillary Clinton was using Microsoft Exchange as her email program.
Security in the email server
Encryption helps protect messages from interception or alteration.
Mail servers use the TLS (transport layer security) protocol to encrypt ingoing and outgoing channels
These mail servers have a special code, known as a certificate. Email software and servers will check for this to verify the server’s identity.
You may sometimes see that a site does not have a valid certificate. Proceed with caution.
Although most servers pay a certificate authority for a certificate, some smaller ones sign their own. Clinton’s server probably used a self-signed certificate, which is a security risk.
Another thing that she may have been lacking is message level encryption, which is built into the email client software.
Questions:
What are some differences between using a private email server and a web based
server?
How is an email server similar to a postman?
What does the DNS (domain name server) do?
What is a certificate?