Posts Tagged ‘email’

Secure Email?

October 1, 2017

If you want to send confidential content via email you have to think about quite a few things. It's not enough to secure the channel; you also have to secure the content. And when I say secure the channel, you have to hope it is, because while a lot of email endpoints or MTAs are now set up with opportunistic TLS, some are not, and you won't really know until you've been hacked.

And of course your metadata isn't encrypted, and this might be as revealing as your content in some cases. DMARC, SPF, DKIM and so on will help, or you could run a scan on the domain with a tool like SSL Labs, or run some of the available mail test services against a known MTA, but that might be beyond some. As for mobile, things vary from OS to OS, version to version and so on.
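One check that needs no external scanner is to read the Received trace headers of a message that has already arrived: under RFC 3848, a relay that accepted the message over TLS records `with ESMTPS` (or `ESMTPSA`). The Python below is an added example, not part of the original post; the sample message, host names and function names are constructed for illustration.

```python
import re
from email import message_from_string

# RFC 3848 "with" protocol keywords that record a TLS-protected hop.
TLS_PROTOCOLS = {"ESMTPS", "ESMTPSA", "LMTPS", "LMTPSA"}
WITH_RE = re.compile(r"\bwith\s+([A-Za-z0-9]+)", re.IGNORECASE)
BY_RE = re.compile(r"\bby\s+([^\s;]+)", re.IGNORECASE)

# Constructed sample: three hops, the middle relay accepted plain ESMTP.
SAMPLE = """\
Received: from mx.relay.example (mx.relay.example [203.0.113.7])
 by inbound.recipient.example (Postfix) with ESMTPS id 4ABCD
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384); Sun, 01 Oct 2017 10:00:03 +0000
Received: from smtp.sender.example (smtp.sender.example [198.51.100.5])
 by mx.relay.example with ESMTP id 9XYZ; Sun, 01 Oct 2017 10:00:02 +0000
Received: from laptop.sender.example ([192.0.2.10])
 by smtp.sender.example with ESMTPSA id 1QRS; Sun, 01 Oct 2017 10:00:01 +0000
From: alice@sender.example
To: bob@recipient.example
Subject: constructed sample

body
"""

def strip_comments(value):
    """Remove (possibly nested) parenthesised comments from a header value."""
    previous = None
    while previous != value:
        previous, value = value, re.sub(r"\([^()]*\)", " ", value)
    return value

def audit_hops(raw_message):
    """Return [(receiving_host, protocol, tls_recorded)] in delivery order."""
    msg = message_from_string(raw_message)
    hops = []
    # Each relay prepends its header, so reverse to read origin -> destination.
    for header in reversed(msg.get_all("Received", [])):
        flat = strip_comments(" ".join(header.split()))
        by, proto = BY_RE.search(flat), WITH_RE.search(flat)
        name = proto.group(1).upper() if proto else "UNKNOWN"
        hops.append((by.group(1) if by else "unknown", name, name in TLS_PROTOCOLS))
    return hops

def hops_without_tls(raw_message):
    """Hosts whose Received header does not record a TLS protocol keyword."""
    return [host for host, _, tls in audit_hops(raw_message) if not tls]

if __name__ == "__main__":
    for host, proto, tls in audit_hops(SAMPLE):
        print(f"{host:28} {proto:8} {'TLS' if tls else 'no TLS recorded'}")
```

Only the header written by your own receiving server is trustworthy; earlier Received lines are supplied by other parties and can be forged, and nothing here shows how your outbound mail travelled.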

PGP is still your friend here, but if you have your tinfoil hat on as well you might want to get away from some of the global multi-function services that have interests in aspects of your behaviour, your traffic patterns, email relationships and their attitudes to law enforcement requests. So, here is a quick, off the cuff comparison of a couple of services: MailFence and ProtonMail. Tell me where I have my facts wrong if you spot something!

| | Mailfence | Protonmail |
|---|---|---|
| free version available | yes | yes |
| cost for upgrade | €2.50 – €7.50 per month | €4.00 – €24.00 per month |
| pgp | yes | yes |
| keychain | yes | no – but coming |
| secure non-user email | Yes – PGP | Yes – proprietary OTP |
| app | x | yes – Android, iOS |
| web | yes | yes |
| TLS | yes | yes |
| imaps, pops, SMTPS,… | Yes – with paid versions | No – but coming |
| SPF, DKIM, DMARC,… | Yes | Yes |
| mail | yes | yes |
| calendar | yes | no |
| contacts | yes | no |
| docs | yes | no |
| location | BE | CH |
| jurisdiction | EU-BE | CH |
| applicable law | GDPR, NIS, ePrivacy | CH |
| Multi Factor Authentication | Yes | Yes |
| Other integrations | POPs, IMAPs, SMTPs, iOS, Android, Exchange, LDAP | Business version |
| ssllabs test | A+ | A+ |
| custom domains | yes – paid | yes – paid |
| open source | no | yes |

Aperture Nepomuk queries

February 22, 2011

Having crawled an IMAP store (i.e. Google Mail), I now need to query the results to see what's what, who's who, and how they are connected, if at all.

These are the namespace prefixes used in the queries:

| Prefix | URI |
|---|---|
| nie | http://www.semanticdesktop.org/ontologies/2007/01/19/nie# |
| nco | http://www.semanticdesktop.org/ontologies/2007/03/22/nco# |
| nfo | http://www.semanticdesktop.org/ontologies/2007/03/22/nfo# |
| nmo | http://www.semanticdesktop.org/ontologies/2007/03/22/nmo# |
| sesame | http://www.openrdf.org/schema/sesame# |

And these are the queries. Note that each message is in its own graph, and references the folder in which it rests – e.g. <imap://youraddress@imap.yourprovider.com/INBOX;TYPE=LIST>. This folder in turn nie:isPartOf another folder, which isn't nie:isPartOf a parent folder.

An IMAP store has a username and password etc., but doesn't have an associated email address. A folder may contain messages to the owner with an email address the server accepts, but may also contain messages to other addresses if the CC list contains the owner address.

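Each entry below gives the folder, relationship and purpose, followed by the query where one has been written.

Folder: inbox. Relationship: direct. Purpose: basic; find the list of emails, with sender email address.

    PREFIX nmo: <http://www.semanticdesktop.org/ontologies/2007/03/22/nmo#>
    PREFIX nco: <http://www.semanticdesktop.org/ontologies/2007/03/22/nco#>

    # Subject, sender name and sender address of each email
    select distinct ?subject ?from ?address {
      ?s nmo:from ?o .
      ?o nco:fullname ?from .
      ?o nco:hasEmailAddress ?e .
      ?e nco:emailAddress ?address .
      ?s nmo:messageSubject ?subject .
      ?s a nmo:Email
    }

Note: with a Jena TDB dataset, use

    PREFIX nmo: <http://www.semanticdesktop.org/ontologies/2007/03/22/nmo#>
    PREFIX nco: <http://www.semanticdesktop.org/ontologies/2007/03/22/nco#>

    # Same query, wrapped in a graph pattern because each message is in its own graph
    select distinct ?subject ?from ?address {
      graph ?g {
        ?s nmo:from ?o .
        ?o nco:fullname ?from .
        ?o nco:hasEmailAddress ?e .
        ?e nco:emailAddress ?address .
        ?s nmo:messageSubject ?subject .
        ?s a nmo:Email
      }
    }

Folder: inbox. Relationship: direct. Purpose: find emails, distinguish replies (and what replied to), and CC addresses.

    PREFIX nmo: <http://www.semanticdesktop.org/ontologies/2007/03/22/nmo#>
    PREFIX nco: <http://www.semanticdesktop.org/ontologies/2007/03/22/nco#>

    select distinct ?s ?subject ?r ?to ?refid ?from ?address {
      ?s nmo:from ?o .
      ?s nmo:messageId ?sid .
      ?o nco:fullname ?from .
      ?o nco:hasEmailAddress ?e .
      ?e nco:emailAddress ?address .
      ?s nmo:messageSubject ?subject .
      ?s a nmo:Email
      # Message this one replies to, if any
      optional {
        ?s nmo:inReplyTo ?r .
        ?r nmo:messageId ?mid .
      }
      # Named To: recipient, if any
      optional {
        ?s nmo:to ?toid .
        ?toid nco:fullname ?to .
      }
      # CC recipient, with name where known
      optional {
        ?s nmo:cc ?ccid .
        optional {
          ?ccid nco:fullname ?ccto .
        }
      }
      optional {
        ?s nmo:references ?refid .
      }
    }
    order by ?subject

Note: nco:fullname is optional, as you may not know the email addressee's name.
Note: as with the basic query above, when using a Jena Dataset you need a graph selector in the where clause, e.g.

    select * { graph ?g { ?s ?p ?o } }

Folder: inbox. Relationship: direct. Purpose: most messages direct to you.

    PREFIX nmo: <http://www.semanticdesktop.org/ontologies/2007/03/22/nmo#>
    PREFIX nco: <http://www.semanticdesktop.org/ontologies/2007/03/22/nco#>

    # Message count per sender, busiest sender first
    select (count(?from) as ?count) ?from ?address {
      graph ?g {
        ?s nmo:from ?o .
        ?o nco:fullname ?from .
        ?o nco:hasEmailAddress ?e .
        ?e nco:emailAddress ?address .
        ?s a nmo:Email
      }
    }
    group by ?from ?address
    order by desc(?count)

The remaining rows:

| Folder | Relationship | Purpose | Query |
|---|---|---|---|
| inbox | direct | most messages CC to you | Not so easy: where you are a CC recipient, it's not possible to match on the to: field, or with any metadata on the IMAP server. |
| inbox | direct | fastest replies | |
| inbox | direct | most replies | |
| inbox | | contacts and counts by mail domain | |
| inbox | indirect | messages to others on CC list (may not be known to you, but sender knows) | |
| outbox | direct | recipients (to, cc, bcc) | |
| outbox | direct | replies | |
| outbox | direct | most replied to | |
| outbox | direct | most sent to | |
| outbox | direct | fastest replied to (by message, by recipient) | |
| outbox | direct | fastest sent to (by message, by recipient) | |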

Things get more interesting when more than one mailbox is available for analysis… but I'm going to need Sesame3 or revert to Jena, because Sesame2 doesn't do aggregate functions like count. 2 steps forward, 1 step back. So, Jena support in Aperture is minimal and old. It cannot make use of graphs, TDB or SDB (but the libraries are up to date). It also doesn't support Datasets or Named Graphs in Jena. So, I add ModelSet (the RDF2Go adapter type needed), Dataset and Named Graph support, in TDB to begin with. This involves updating the Aperture Jena adapter. There doesn't seem to be any activity on the Aperture mailing list though, as I get zero response to a question about updating the Jena support. Is Aperture another nice-but-dead Semantic Web technology?

Some NepoMuk ontology types

February 18, 2011

I am doing some work on a Top Secret Project to demonstrate on the SkyTwenty[1] platform the use of email data (in place of location data).

I am making use of Aperture[2] to crawl an IMAP store, then allow sharing of contact and message information, so that queries can be run to discover

  • who-knows-who in what domain
  • how many degrees of freedom there are between contacts
  • do selected contacts have any connection
  • how “well” do they know each other and so on.

Aperture makes use of the Nepomuk [3] message and desktop ontologies[4], and they’re fairly extensive, so a graphic helps to understand some of the ontological relationships.

The brilliant Protege4 [5] ontology design tool has plugins for GraphViz[6] and OntoGraf[7] that produce some fairly neat images to visualise ontologies, so here they are. I would like it if there was a way to include object and data properties (by annotation perhaps, will try later), but for now I have compiled a table of the class properties from a crawl and a SPARQL query I did against the repository I loaded the data into.

Contact class relationships

Note that OntoGraf needs the Sun JDK to work, so on Ubuntu, which has the OpenJDK by default, you need to install and agree to the license terms, then make sure that Protege is using the Sun java at /usr/lib/jvm/java-6-sun-1.6.0.22 (or whatever version).

Nepomuk message and contact classes


These tables are incomplete, and represent the classes and properties from the crawl of my nearly empty inbox. The full set of classes and properties for the Nepomuk ontologies is available on another page on this blog.

| Prefix | URI |
|---|---|
| nie | http://www.semanticdesktop.org/ontologies/2007/01/19/nie# |
| nco | http://www.semanticdesktop.org/ontologies/2007/03/22/nco# |
| nmo | http://www.semanticdesktop.org/ontologies/2007/03/22/nmo# |
| rdf | http://www.w3.org/1999/02/22-rdf-syntax-ns# |
| sesame | http://www.openrdf.org/schema/sesame# |
| rdfs | http://www.w3.org/2000/01/rdf-schema# |
| nfo | http://www.semanticdesktop.org/ontologies/2007/03/22/nfo# |

| type | property |
|---|---|
| nie:DataObject | rdf:type, nie:title, sesame:directType, nie:isPartOf, nie:characterSet, nie:mimeType, nmo:contentMimeType, nmo:messageSubject, nmo:plainTextMessageContent, nmo:messageId, nie:byteSize, nie:contentCreated, nmo:sentDate, nmo:receivedDate, nmo:from, nmo:sender, nmo:to, nmo:inReplyTo, nmo:references |
| nie:DataSource | rdf:type, sesame:directType |
| nco:Contact | rdf:type, sesame:directType, nco:fullname, nco:hasEmailAddress |
| nco:EmailAddress | rdf:type, sesame:directType, nco:emailAddress |
| nfo:Folder | rdf:type, nie:title, sesame:directType, nie:isPartOf |
| nmo:Email | rdf:type, sesame:directType, nie:isPartOf, nie:characterSet, nie:mimeType, nmo:contentMimeType, nmo:messageSubject, nmo:plainTextMessageContent, nmo:messageId, nie:byteSize, nie:contentCreated, nmo:sentDate, nmo:receivedDate, nmo:from, nmo:sender, nmo:to, nmo:inReplyTo, nmo:references |
| nmo:MailboxDataObject | rdf:type, sesame:directType, nie:isPartOf, nie:characterSet, nie:mimeType, nmo:contentMimeType, nmo:messageSubject, nmo:plainTextMessageContent, nmo:messageId, nie:byteSize, nie:contentCreated, nmo:sentDate, nmo:receivedDate, nmo:from, nmo:sender, nmo:to, nmo:inReplyTo, nmo:references |
| nmo:MimeEntity | rdf:type, sesame:directType, nie:isPartOf, nie:characterSet, nie:mimeType, nmo:contentMimeType, nmo:messageSubject, nmo:plainTextMessageContent, nmo:messageId, nie:byteSize, nie:contentCreated, nmo:sentDate, nmo:receivedDate, nmo:from, nmo:sender, nmo:to, nmo:inReplyTo, nmo:references |
| rdf:List | rdf:type, sesame:directType |
| rdf:Property | rdf:type, rdfs:domain, rdfs:range, rdfs:subPropertyOf, sesame:directType, sesame:directSubPropertyOf |
| rdfs:Class | rdf:type, rdfs:subClassOf, sesame:directSubClassOf, sesame:directType |
| rdfs:Datatype | rdf:type, rdfs:subClassOf, sesame:directSubClassOf, sesame:directType |
| rdfs:Resource | rdf:type, rdfs:domain, rdfs:range, rdfs:subPropertyOf, sesame:directType, rdfs:subClassOf, sesame:directSubClassOf, sesame:directSubPropertyOf, nie:title, nie:isPartOf, nie:characterSet, nie:mimeType, nmo:contentMimeType, nmo:messageSubject, nmo:plainTextMessageContent, nmo:messageId, nie:byteSize, nie:contentCreated, nmo:sentDate, nmo:receivedDate, nmo:from, nmo:sender, nmo:to, nmo:inReplyTo, nmo:references, nco:fullname, nco:hasEmailAddress, nco:emailAddress |

[1] http://skytwenty.endofinternet.net:8080/treasure/moreInfo.usp
[2] http://aperture.sourceforge.net/
[3] http://nepomuk.semanticdesktop.org/xwiki/bin/view/Main1/
[4] http://www.semanticdesktop.org/ontologies/
[5] http://protege.stanford.edu/
[6] http://graphviz.org/
[7] http://protegewiki.stanford.edu/wiki/OntoGraf