" opportunistic Archives - LuxSci

Posts Tagged ‘opportunistic’

Opportunistic TLS vs Forced TLS for SMTP

Tuesday, January 23rd, 2024

Email sometimes seems like magic because of how quickly messages are transmitted across the internet. While the rapid delivery speeds justify this presumption, a lot must happen for an email to reach you. Email sending relies on a protocol called the Simple Mail Transfer Protocol (SMTP) to make its way across the internet to your recipient’s server. From there, the recipient uses another protocol, such as ActiveSync, POP3, MAPI, IMAP, or a Web-based interface, to pick it up and read it.


Unfortunately, these protocols aren’t always secure by default. Under its original design, emails are sent as plain text. Anyone along the email’s journey can see (and even change) their contents. This can include those in charge of the servers, the government, and even hackers that intercept the data.


Thankfully, engineers are aware of this glaring security hole, and they have introduced several mechanisms that can be leveraged to protect email. This article reviews how SMTP TLS works and the differences between opportunistic TLS and forced TLS.


secure email sending on laptop

Read the rest of this post »

Who does not support SMTP TLS for Secure Inbound Email Delivery?

Thursday, November 7th, 2013

We are frequently asked who supports TLS  to secure inbound email delivery. This is especially important for customers who need to be HIPAA-compliant, as email transport encryption over TLS is sufficient for HIPAA-compliant communications to end-users, so long as the TLS is configured to be sufficiently strong.

While it is possible to tell who supports TLS, it is somewhat technical to do it yourself. So, we have assembled a table with many of the most popular free and public email domains in use across the internet. We indicate which currently (as of July 8, 2022) supports SMTP TLS for inbound email.

The results are surprising. A majority of domains these days do support TLS. With Microsoft’s recent TLS implementation on its email domains (hotmail.com/live.com/outlook.com), this rounds out consistent TLS support (for inbound delivery–outbound may or may not be supported) for all of the most popular free email providers (e.g., aol.com, gmail.com yahoo.com, hotmail.com).

Note: lists below have been updated as of 7/8/22.

Read the rest of this post »