File Transfer by Email can be useful for moving data between systems when standard file or data transfer mechanisms are not available. In particular it is useful for supporting Directory Replication, as described in the Isode whitepaper [Directory Replication by Email and over 'Air Gap']. This paper looks at requirements for File Transfer by Email, and describes the architecture of Isode's solution.


Scenarios for using File Transfer by Email

There are a number of scenarios where it does not make sense to use standard file transfer protocols, or where File Transfer by Email offers real advantages:

  1. HF Radio has difficult network characteristics, and in particular long turnaround times, that make use of standard protocols impractical. Special email protocols have been developed for HF Radio. It makes sense to build on these protocols for directory replication and file transfer, rather than developing special HF protocols.
  2. For broadcast networks, such as Satellite and Radio, special email protocols can utilize the broadcast nature of these networks to efficiently send a message to multiple destinations. File Transfer by Email can send to multiple destinations, and take advantage of this efficiency gain.
  3. In many secure environments, email is the only protocol that is allowed through. File Transfer by Email allows file transfer to take place in such environments.

Applications of File Transfer by Email

Isode is providing File Transfer by Email as a general purpose building block that can be used to support a range of applications. Applications identified are:

  • Directory Replication, as described in the Isode whitepaper [Directory Replication by Email and over 'Air Gap']. This is the primary reason that Isode developed this application.
  • Database Replication. Where there is a need to distribute database updates over email, File Transfer by Email provides a natural supporting infrastructure.
  • End user file transfer, to copy data around. Isode's system has been developed to support applications; an end user application could be easily developed over Isode's solution, which is described later.

Solution Architecture

Isode's File Transfer by Email is implemented as a part of all of its M-Switch products, as illustrated above. There is a special File Transfer by Email (FTBE) channel in M-Switch that supports inbound and outbound files. This gives an easy mechanism for applications to send and receive files.

Files can be sent over SMTP (Internet Mail) or over X.400. Configuration information for FTBE is held in the directory, and managed by Isode's standard Messaging Configuration GUIs. Multiple FTBE distributions may be configured.

FTBE channels are bi-directional, and so messages can be sent in both directions (in and out). An FTBE channel can send to multiple recipients. For such a multicast distribution, the recipients would be configured for just the single sender. In general, special email addresses will be configured for FTBE, as the accounts used should not receive general purpose email, and should only be used for one FTBE distribution configuration.

Acknowledgements

End to End acknowledgements are key to ensuring 100% reliability. Because Isode’s File Transfer by Email solution provides two way communications, applications using FTBE can send application level acknowledgements. This is desirable, as it enables a sending application to ensure that the data has been received and processed correctly.

Isode also uses delivery reports to acknowledge delivery at the FTBE level. This checking will be useful for applications that do not provide application level acknowledgement, and to provide an additional level of system monitoring. This is currently provided only for X.400, and may be added for SMTP in a future release.

Application Integration

Integration between applications using File Transfer by Email and M-Switch is done entirely at the file system level. M-Switch uses file naming conventions to pass back acknowledgement and status information. This approach enables the FTBE application to be completely decoupled from M-Switch. M-Switch provides transfer status information using files, and it is up to the application to report this status to the user.

Security

Applications using File Transfer by Email may require security. Security Services that might be needed are:

  • Content Integrity (to verify that the data has not been tampered with in transit).
  • Message Origin Authentication. This will verify the sender, and use digital signatures to ensure that messages come only from the right source. This can be checked by the FTBE receiver.
  • Data Confidentiality.

These services could be provided by several protocol options:

  1. S/MIME - for Internet message security.
  2. STANAG 4406 - for military X.400 message security.
  3. X.400 Standard security.

Isode may add these security capabilities to future releases. Feedback on requirements is solicited.
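
Until such services are available in the transport, an application can protect its own files and acknowledgements before handing them to FTBE. The sketch below is an added example, not Isode code and not the FTBE file format: it combines the application level acknowledgement described under Acknowledgements with the Content Integrity and Message Origin Authentication services listed above. The function names, the envelope layout and the sequence number are assumptions, and an HMAC over a pre-shared key stands in for the digital signature that S/MIME would provide.

```python
import hashlib
import hmac
import json

KEY = b"constructed-demo-key"  # constructed value; stands in for real key material


def seal(fields: dict, payload: bytes = b"", key: bytes = KEY) -> bytes:
    """Serialize header and payload, then prepend an HMAC-SHA256 tag line."""
    body = json.dumps(fields, sort_keys=True).encode() + b"\n" + payload
    return hmac.new(key, body, hashlib.sha256).hexdigest().encode() + b"\n" + body


def open_sealed(blob: bytes, key: bytes = KEY):
    """Verify the tag before parsing anything; return (fields, payload)."""
    tag, body = blob.split(b"\n", 1)  # raises ValueError if malformed
    expected = hmac.new(key, body, hashlib.sha256).hexdigest().encode()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("tag mismatch: altered in transit or wrong sender")
    header, payload = body.split(b"\n", 1)
    return json.loads(header), payload


def send_file(seq: int, data: bytes) -> bytes:
    """Sender: build the envelope that is handed to FTBE as the file."""
    return seal({"seq": seq, "sha256": hashlib.sha256(data).hexdigest()}, data)


def receive_file(blob: bytes, last_seq: int):
    """Receiver: return (data, ack); the ack travels back over the channel."""
    fields, data = open_sealed(blob)
    seq = fields.get("seq")
    if not isinstance(seq, int) or seq <= last_seq:
        raise ValueError("duplicate or out-of-order transfer")
    if hashlib.sha256(data).hexdigest() != fields.get("sha256"):
        raise ValueError("payload digest mismatch")
    return data, seal({"ack": seq, "sha256": fields["sha256"]})


def confirm(ack_blob: bytes, seq: int, data: bytes) -> bool:
    """Sender: True only if the ack is authentic and names this exact content."""
    try:
        fields, _ = open_sealed(ack_blob)
    except ValueError:
        return False
    digest = hashlib.sha256(data).hexdigest()
    return fields.get("ack") == seq and fields.get("sha256") == digest
```

A shared key authenticates the origin only among the systems that hold it; where the receiver must be able to prove the origin to a third party, a signature scheme such as S/MIME is needed instead.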

End User File Transfer

Although the Isode File Transfer by Email solution could be used by an end user, it is not really suitable for three reasons:

  • Users would need to understand the FTBE file naming conventions.
  • The status reporting is not intended for end users.
  • When a file is sent, it will be renamed, which would be disconcerting to most users.

For these reasons, end user file transfer is best provided as a simple application, most likely with a GUI, that enables users to drag and drop files and reports on transfer status. This could include end to end acknowledgements, reporting on recipient opening, moving or deleting the file. Isode may provide such an application in a future release. Feedback on requirements is solicited.

Conclusions

File Transfer by Email is a useful capability for a number of applications, in particular to support Directory Replication. This paper has looked at the requirements and described Isode’s solution.