If you send your emails without encrypting them then you’re basically sending them in plain text. If the mail happens to be intercepted when en route, it could be easily read by anyone. The transfer protocol TLS (Transport Layer Security), the successor of SSL (Secure Sockets Layer), lets you encrypt emails. The user simply presses the ‘send’ button that turns the message into code. After reaching its recipient, the message will then be made legible again with assistance from the matching key.
Without encryption the contents of an email are about as safe as the contents of a postcard. If the postcard falls into the wrong hands, the whole text can easily be read. Efficient encryption systems were developed for this reason and can either produce an encrypted email or encrypt the sending of an email.
In order to encrypt the email yourself, there are useful programmes such the open source software PGP (Pretty Good Privacy), which uses asymmetric encryption. Whereas traditional methods for coding and decoding access the same key, asymmetric encryption uses two keys – a private and a public one. The public key can be forwarded uncrypted to the intended contact without worry since only the private key opens the protected emails. Conversely, the user must keep the public key of the contact in order to do their part in encrypting the email.
Alternatively (or additionally) you can use the transfer protocol SSL, or rather TLS, to encrypt the transfer of emails. This method of email encryption is explained more in the following paragraphs.
Whether it be a computer, a tablet or a smartphone, sending and receiving emails always requires data exchange between the email server and the appliance in question. By default the emails are sent unencrypted and are therefore in plain text. Even a password for the email programme isn’t enough to prevent an attacker from getting their hands on the electronic mail and reading its contents. For this reason you should encrypt business and private emails so attackers have no chance.
The transfer protocol Transport Layer Security (TLS) is the universal tool required for sending email content in a secure fashion. This tool is better known under its former name, Secure Sockets Layer (SSL). An email with SSL or TLS encryption is characterised by its content not being able to be decoded by third parties since they don’t have access to the key required for encryption. Therefore it doesn’t matter whether the email is sent or retrieved through an email client, such as Outlook, or through a web browser. This is due to the encrypted emails being illegible to any snoopers during the whole transfer process between mail server and client (internet browser). The contents are then converted back into plain text when received by the recipient.
Nine months after the release of the first web browser, Netscape Communication released the first version of the encryption protocol SSL (1.0) in 1994. The 2.0 and 3.0 SSL versions followed until the protocol was renamed TLS in January 1999. The new TLS 1.0 had a few small differences compared to the previous SSL 3.0. These incongruences lead to some confusion, and as a result TLS 1.0 was unofficially known as SSL 3.1. In contrast to SSL and TLS, which are both protocols, StartTLS is an extension that can initiate encryption with assistance from the TLS protocol.
Both protocols are often used synonymously and given the name SSL even though the TLS protocol comes with the following important functions, in contrast to the previous SSL version:
If you want the option of choosing between the two protocols when sending and retrieving encrypted emails, then you should opt for the current version of TLS. It offers functions of the SSL protocol and is even more secure thanks to new algorithms.
The TLS protocol is also deemed a good universal transfer protocol since email SSL or TLS encryption is just one of the many applications on offer. TLS offers the possibility of implementing every higher level protocol on the basis of the TLS protocol. OpenSSL and GnuTLS are two known implemented programme libraries. The security protocol is not dependent on the applications and systems and can be expanded at any time. Additionally, the protocol informs you whether the answering server is the sender’s intended recipient. For this reason, TLS is often used for secure data transfer on websites, for online banking or in online stores. An SSL-secured connection informs the user that an ‘s’ is attached to the end of ‘http’ in the address field. The browser checks that the website operator uses a valid SSL certificate for the web server. A TLS protocol can be used for:
SSL or TLS should be used wherever sensitive data is present. Many emails contain more than just private details, which are of no concern to third parties; they also contain data like passwords, bank details and addresses. If you send or receive emails without SSL protocol you risk attackers getting hold of your information every time you update. This also applies to archived emails.
It is relatively easy to carry out an encrypted email transfer. Practically all email clients such as Outlook, Mozilla Thunderbird or email apps for smartphones and tablets offer SSL support. The user can manually switch the encryption on or off in the settings. It is also advisable to also encrypt old emails. Secure emails can be recognised when being sent or received since the address field will begin with ‘https’. Depending on the browser, the encryption will be highlighted, for example with a small lock.
If you carry out transfers or do your shopping online, there’s always the risk of leaving a trail behind. Big or small, these trails can attract criminals who want to gain access to your sensitive and private data such as passwords or bank details. Many users have no idea that by having a badly-secured email they are in fact unwillingly inviting third parties to have a read. Encryption protocols support all common email programmes by creating encrypted emails that can only be read by the intended recipient. 1&1 IONOS also supports the SSL encryption when sending and receiving emails. Users shouldn’t hesitate to encrypt their emails and also to activate the SSL option of their email client.
Want to make your website more secure? Learn more about SSL certificates from 1&1 IONOS and how they increase your site’s trustworthiness.
Online privacy is a sensitive issue that affects experts and amateurs alike. Whether you’re posting on social networks, carrying out banking transactions, or buying from an online store, your data is not always sufficiently protected. The same applies to e-mails. Don’t let cyber criminals get their hands on your content by encrypting your e-mails.
SMTP stands for “Simple Mail Transfer Protocol” – but it’s not that simple. E-mails do not simply travel directly from A to B, but go through several communication and transmission processes that the standard network protocol has been responsible for since the 1980s. As an electronic set of rules from the internet protocol family, SMTP (and its extension, ESMTP) determines important factors such...
