Originally Posted by Dude
You guys keep talking about encryption and RIM's impregnable security, but none of that matters. The message spends a lot of time traveling between mail servers on open non-encrypted links. Why do I need to break into your Blackberry if I can just sniff the traffic coming out of your Exchange server?!
Remember: Blackberry -> carrier -> BES/BIS -> mail server -> internet -> mail server -> BES/BIS -> carrier -> Blackberry.
This statement is not true when using a BES. The message is encrypted prior to leaving the handheld or BES and then decrypted once being received by the handheld or BES.
Message flow to a handheld
1) New Message arrives: the Microsoft message transfer agent delivers message to userís desktop email mailbox.
2) Message notification: Blackberry maintains a MAPI connection to the userís mailbox. The connection enables the server to use the same notification for new mail, blackberry processes message as it arrives.
3) Message filters are applied: BES checks message fields against global filter rules.
BES then applies user-defined filters.
4) Message ID is assigned: BES randomly generates a reference id and tag.
5) Message is compressed and encrypted.
6) Message sent to wireless network: BES sends the first portion of the message through port 3101 to the wireless network, which verifies the PIN belongs to belongs to a valid handheld registered on the network
7) Confirmation is returned: The network locates the handheld and delivers the message.
8) Arrives on handheld: The handheld decrypts and decompresses the message and notifies the user of new mail.
Message flow from the handheld
1) Message sent from handheld, on the handheld the message is assigned a reference id.
2) Message is compressed and encrypted.
3) Message is sent to BES Server, through port 3101 to the wireless network to the Blackberry Server.
4) Message is decrypted and decompressed: BES decrypts and decompresses the message. If the message does not match the users encryption key, the message is discarded.
5) Message is placed in outbox on the Exchange Store.
6) Message delivery: The Exchange MTA delivers the message.
7) Copied to sent items folder: A copy of the message is placed in the userís desktop email program sent items folder.
Therefore if you do happen to "sniff the traffic coming out of the Exchange server" you would only get an encrypted message. Now for BIS, I am not to sure. Also We do not know what mail client the OP was using, nor do we know if he was using BIS or BES.