Suneal

MetaMail: Getting Secure Email with Web3

suneal@newsletter.paragraph.com (Suneal) — Wed, 04 May 2022 10:53:00 GMT

Introduction: This article introduces the security and spam problems of today's email, and suggests the use of Web3 address to send and receive emails, which provides signing and end-to-end encryption for security. We have built MetaMail, now in beta phase. Click the link below to use it:

https://metamail.ink/

Email, Security and Spams

Since the invention of email in the last century, the protocol and running mechanism have not changed fundamentally: the sender submits an email to the mail server with SMTP(Simple Mail Transfer Protocol), and the mail server uses SMTP to transmit the mail to the recipient's mail server. The receiver receives mail from the server through IMAP/POP. While email has become a ubiquitous form of communication around the world and will remain mainstream in the long run, some of these important issues have not been well addressed: the lack of convenient email encryption and the flood of spam.

Email protocol

Lack of convenient email encryption: In SMTP, email is transmitted in plaintext, and the user's email is easily leaked or forged when it is transmitted by the email service provider on the Internet. In order to protect the content of emails, the Pretty Good Privacy (PGP) proposes to sign emails and encrypt them end-to-end with asymmetric encryption to ensure security. Under the PGP framework, each user needs to maintain his private key and publish public key. When a user sends an email, he would first use his private key to sign the content of the email to ensure the integrity of the email, and then use the recipient's public key to encrypt the mail's private key. The above process ensures that only the sender and recipient can decrypt the mail. The concept of PGP is very good, but it has not become popular. One important reason is that users need to maintain their own public and private key pairs, and ensure that the recipient's public key really belongs to the recipient (because Man-in-the-Middle-Attack (MIMT) can replace the public key). It’s best to physically confirm the identity of the other and exchange the public key offline. These complicated steps have largely prevented the popularity of PGP mail among mass users. In Web3, every user has a private key, and the user's wallet address is the public key (or the hash of the public key). This problem can be solved naturally.

Spam flooding: Spam has been around for almost as long as email and has a growing trend, with an estimated 90% of all emails on the web as spam as of 2014 [Email Spam]. Until now, if one wanted to set up their own in-mail server, he would have to think about how to filter spam, otherwise, the inbox would quickly become overrun with spam. The reason for the proliferation of spam is that on this open protocol, people don't have a good way to prevent Sybil attacks, that is, spammers can create a large number of addresses at almost zero cost to send a large number of emails. People can only passively identify and filter them, such as filtering malicious senders by SPF, DIKM, and IP blacklists. If one wants to set up his own out-mail server, he has to go through very complicated steps to avoid sending out mail directly into the trash (binding a domain name, setting a certificate, obtaining a reputable IP). Don't forget, an ugly truth is that all mainstream cloud vendors today have banned port 25 of the cloud host and prohibit users from sending emails from the host to protect the "reputation" of the IP address. People prevent spam by setting various strict conditions, which at the same time makes it difficult for individuals to set up a mail server. People have to prove that it is not spam before sending an email, which to a certain extent makes the personal mail service dominated by big platforms like Gmail and QQ Mail.

Plaintext emails and the flood of spam are long-standing problems with email. The MITM attacks and Sybil attacks are commonly faced in the Internet world. Fortunately, blockchain technology can naturally solve the above problems, making it easier than ever to send encrypted emails in Web3 and avoid spam.

Web3 and MetaMail

In Web3, users own their addresses and identities, and can use the address/ENS + @ + domain name as their own email addresses.

For example, an user's Ethereum address is 0x045ff23cf3413f6a355f0acc6ec6cb2721b95d99, and the MetaMail domain name is mmail.ink. Then he can use 0x045ff23cf3413f6a355f0acc6ec6cb2721b95d99@mmail.ink as the email address. Since this address has registered ENS suneal.eth, he can also use suneal.eth@mmail.ink as the email address. With such an address, the user can send mail to any mailbox as usual, and receive mail from other mailboxes such as Gmail. Isn't it kind of cool? Well, what's the benefit of this other than being cool?

The primary benefit is safety. Each Web3 address/ENS corresponds to a private key managed by the user. When using MetaMail, users can naturally use the private key to sign and encrypt emails. The public key is recorded on the blockchain, eliminating the need to exchange public keys. When users send emails, they use their own private key to sign the entire email content. The recipient can verify the integrity of the email according to the digital signature. The email content remains in the email format and is transmitted seamlessly with all other email addresses through SMTP. When sending emails to other MetaMail users, the recipient's public key can be used to encrypt the email end-to-end, thus ensuring that only the recipient can decrypt the content of the email.

Key binding

Another benefit is that spam can be reduced. The number of addresses on the blockchain is limited, and creating new addresses requires a certain cost—at least one transaction fee needs to be paid. The mail service providers only need to limit the sending frequency according to the sender's balance settings (a PoS-like mechanism) to block malicious addresses. With this mechanism, sending a large number of emails requires storing a certain balance or creating a large number of addresses, both of which will make it uneconomical to send spam from MetaMail addresses.

Signature and encryption ensure the security of MetaMail. Anti-spam will make MetaMail less likely to be marked as spam by the email filtering system. Moreover, the data of sending and receiving emails are transferred through the server and do not need to be stored on the blockchain, thus the whole process is completely free without gas fees.

In traditional mailboxes, such as Gmail, users "apply for" their own email addresses. In MetaMail, users have stronger control over email accounts. Users own their username, the mail service provider owns the domain name, and the two work together to send emails. Each email needs to be signed by the corresponding user. The encrypted email needs to be decrypted by the user, and the email service provider cannot arbitrarily create an account, or send or decrypt emails.

Users own their identities

How to Use MetaMail?

Quite simple, access metamail.ink, connect the wallet, then you can get your own email address with the suffix @mmail.ink. The whole process only requires a signature to verify the ownership of the account, completely free without gas fees. Users will not disclose private keys or other information.

In MetaMail, editing, sending and receiving mail is almost the same as other mail services. Before sending, the user needs to sign the content of the email to ensure its integrity. The signature will be stored in the header of the email EML. The email service provider and the recipient can verify the signature at any time.

Sign email before sending

When sending an encrypted mail, the user creates a random symmetric key locally, encrypts the content of the message with this key, and encrypts this key with the recipient's public key. When receiving an encrypted email, the user needs to use the wallet to decrypt the key for this email, and then use this key to decrypt the entire email. All encryption and decryption are performed at client side, and the email content is encrypted before uploading to the server and during transmission.

Decrypt MetaMail

Conclusion

This article introduces the security and spam problems of email. Using MetaMail in Web3 can easily perform email signature, verification, end-to-end encryption-decryption, and can reduce spam. We have implemented MetaMail for use. In the future, we will open-source the code and protocol of MetaMail to facilitate users to build their own MetaMail service.

MetaMail: Getting Secure Email with Web3

suneal@newsletter.paragraph.com (Suneal) — Tue, 03 May 2022 13:19:35 GMT

简介：本文介绍了电子邮件存在的安全性与垃圾邮件问题，提出使用Web3地址来发送和接收电子邮件的方法，其完全兼容普通邮件，免费无gas fee，能够使用密钥对邮件进行签名与端到端的加密，从而达到极致的安全性，并且能够减少垃圾邮件。我们搭建了MetaMail，现在处于Beta阶段，点击以下链接使用：

https://metamail.ink/

Email, Security and Spams

从上世纪电子邮件被发明至今，电子邮件的协议与运行机制没有太大变化：发信人使用SMTP协议将邮件提交到邮件服务器，邮件服务器间通过SMTP协议传送邮件到收件人的邮件服务器，收件人通过IMAP/POP协议从服务器收取邮件。虽然电子邮件已成为全球普遍使用的通信方式，并且在可见的未来一直保持主流，但其中一些重要的问题一直没有很好地被解决：缺乏方便的邮件加密和垃圾邮件泛滥。

Email protocol

缺乏方便的邮件加密方式： 在SMTP协议里，邮件内容是明文传输的，用户的邮件由邮件服务提供商在互联网传输时，很容易被泄露或伪造。为了保护邮件内容被篡改泄露，PGP组织提出通过非对称加密等技术对邮件进行签名与端对端加密来保证邮件安全。在PGP框架下，每个用户需要维护自己的私钥，公布自己的公钥，当用户发送邮件时，使用自己的私钥对邮件内容进行签名，保证邮件的完整性，使用收件者的公钥对邮件密钥进行加密，保证邮件只有收发双方才能解密邮件。PGP的理念非常好，但是并没有普遍流行起来，其重要原因之一是需要用户维护自己的公私钥对，并且确保收件人的公钥确实是属于收件的人的公钥（因为中间人攻击可能替换掉公钥），而安全的方法是收发双方线下用物理的方式确认对方身份并交换公钥，这些较为复杂的步骤在很大程度上阻止了PGP邮件在普通用户间的流行。而在Web3里，每个用户都拥有私钥，用户的钱包地址即公钥（或公钥的哈希），这个问题可以自然地被解决。

垃圾邮件泛滥： 垃圾邮件的历史几乎和电子邮件的历史一样久，并且具有越来越严重的趋势，据估计，截止到2014年，网络上90%的电子邮件都是垃圾邮件[Email Spam]。直到现在，如果一个人想设置自己的收邮件服务器，将不得不考虑如何过滤垃圾邮件，否则收件箱会很快被垃圾邮件占据。垃圾邮件泛滥的根本原因是，在这种开放的协议上，人们没有很好的方式来防止女巫攻击，即垃圾邮件发送者可以以几乎0成本的方式制造大量的地址发送大量的邮件，人们只能被动地识别与过滤它们，例如过SPF、DIKM以及建立IP黑名单等方式来过滤恶意发送者。当今个人如果想设立自己的发邮件服务器，也要经历十分复杂的步骤来避免发出的邮件直接被丢进垃圾箱（绑定域名，设置证书，获得信誉良好的IP），别忘了，一个ugly truth是当今所有的主流云厂商都会禁掉云主机的25号端口，禁止用户从主机发邮件，以保护IP地址的”信誉”。人们通过设置各种严格的条件来防止垃圾邮件，也同时提高了个人建立邮件服务器的困难程度——发邮件前你得先证明这不是垃圾邮件，这在一定程度上也使得邮件服务越来越集中在大平台如Gmail和QQMail中。

明文邮件和垃圾邮件泛滥是电子邮件长久以来的问题，其背后的中间人攻击与女巫攻击是互联网世界普遍面临的攻击模型。幸运的是，区块链技术可以很自然地解决这两个问题，在Web3中能够比以往更简单地发送加密邮件，并且避免垃圾邮件。

Web3 and MetaMail

在Web3里，用户拥有自己的地址与身份，可以使用地址/ENS + @ + 域名作为自己的邮箱地址。

例如用户以太坊地址为0x045ff23cf3413f6a355f0acc6ec6cb2721b95d99，MetaMail域名为mmail.ink。那么可以使用0x045ff23cf3413f6a355f0acc6ec6cb2721b95d99@mmail.ink作为邮箱地址。由于此地址已绑定了ENS suneal.eth，所以可以同样使用suneal.eth@mmail.ink作为邮箱地址。使用这样的地址，可以像往常一样往任何邮箱发送邮件，也可以接收来自Gmail等其他邮箱的邮件，是不是有点酷？Well，除了酷之外这样有什么好处呢？

首要的好处是安全。每个Web3地址/ENS都对应着由用户管理的私钥，用户在使用MetaMail时可以自然地用私钥进行邮件签名与加密，公钥则是记录在区块链上，省去了需要相互交换公钥的步骤。用户在发送邮件时，使用自己的私钥对整个邮件内容进行签名，接收者可以根据数字签名校验邮件的完整性，邮件内容仍然保持email格式，通过SMTP协议传送，与所有其他邮箱地址无缝互通；当向其他MetaMail用户发送邮件时，可以使用收件人的公钥对邮件进行端到端的加密，从而保证只有收件人才能看到邮件内容。

Key binding

另一个好处是可以减少垃圾邮件。区块链上的地址数量是有限的，创造新地址需要一定的成本——需要付至少一笔Transaction的手续费，邮件服务商者只需要根据发送者的余额设置限制发送频率（类似于PoS），屏蔽恶意地址即可防止垃圾邮件，此时发送大量邮件需要存储一定的余额或者制造大量的地址——两者的成本都会使得从MetaMail地址发送垃圾邮件不再经济。

使用MetaMail，签名与加密保证邮件的安全，防垃圾邮件会使得MetaMail被邮件过滤系统标记为垃圾邮件的概率更小，此时收发邮件的数据本身通过服务器中转，并不需要存储在区块链上，所以整个过程完全免费无Gas费。

传统邮箱里如Gmail，用户是在『申请』自己的邮箱地址。在MetaMail中，用户对邮件账户拥有更强的控制，用户拥有他们的用户名，邮件服务提供商拥有域名，两者合作才能进行发送邮件。每发一封邮件都需要对应用户的签名，加密的邮件需要用户才能解密，邮件服务提供商也不能任意创造账户、发送或者解密邮件。

Users own their identities

How to Use MetaMail?

非常简单，我们已经实现MetaMail，访问metamail.ink，连接钱包，即可获得自己的@mmail.ink后缀的邮箱地址，整个过程只需要签名验证账号归属，完全免费无gas费，用户不会泄露私钥等信息。

在MetaMail里，编辑、发送与接收邮件与其他邮件服务几乎没有区别。在发送前，用户需要对邮件内容进行签名，确保邮件的完整性。签名的信息会存储在邮件eml的文件头，邮件服务商与收件人可以随时进行验证。

Sign email before sending

在发送加密邮件时，用户会在本地创建随机的对称密钥，使用此密钥对邮件内容进行加密，然后使用接收者的公钥加密此密钥。接收到加密邮件时，用户需要使用钱包解密出此封邮件的密钥，然后使用此密钥对整封邮件进行解密。所有加密和解密都是在前端进行的，邮件内容在上传至服务器和传送过程中都处于加密状态。

Decrypt MetaMail

Conclusion

本文介绍了电子邮件存在的安全性与垃圾邮件问题，在Web3中使用MetaMail能够方便地进行邮件签名、验证和端到端的加解密，并且能够减少垃圾邮件。我们实现了MetaMail供用户使用，在未来，我们会将MetaMail的代码与协议开源，以方便用户搭建自己的MetaMail服务。