" smtp tls Archives - LuxSci

Posts Tagged ‘smtp tls’

How to Secure SMTP Email Delivery with TLS

Tuesday, August 29th, 2023

Secure email sending is a priority for organizations that communicate sensitive data externally. One of the most common ways to send secure emails is with SMTP TLS. TLS stands for Transport Layer Security and is the successor of SSL (Secure Socket Layer). TLS is one of the standard ways that computers on the internet transmit information over an encrypted channel. In general, when one computer connects to another computer and uses TLS, the following happens:

  1. Computer A connects to Computer B (no security)
  2. Computer B says “Hello” (no security)
  3. Computer A says, “Let’s talk securely over TLS” (no security)
  4. Computers A and B agree on how to do this (secure)
  5. The rest of the conversation is encrypted (secure)

In particular:

  • The conversation is encrypted
  • Computer A can verify the identity of Computer B (by examining its SSL certificate, which is required for this dialog)
  • The conversation cannot be eavesdropped upon (without Computer A knowing)
  • A third party cannot modify the conversation
  • Third parties cannot inject other information into the conversation.

TLS and SSL help make the internet a more secure place. One popular way to use TLS is to secure SMTP to protect the transmission of email messages between servers.

hands on a keyboard sending secure email

Read the rest of this post »

HIPAA-Compliant Secure Email: Understanding Encryption

Tuesday, August 15th, 2023

Email encryption is an important topic to understand when evaluating HIPAA-compliant, secure email vendors. Encryption is an addressable standard for HIPAA compliance, but if you send sensitive information via email, encryption is the easiest way to meet the standard.

The two most common email encryption methods include SMTP TLS and Secure Portal Pick Up. This article will discuss their differences and guide users on selecting the right option for HIPAA-compliant secure email.

secure email sending

Read the rest of this post »

Are Replies to my HIPAA-Compliant Secure Emails also Secure?

Friday, June 18th, 2021

Sending HIPAA-compliant secure emails is easy- LuxSci’s services allow you to send secure emails to anyone with an active email address. One common question is whether the replies back to these messages will also be HIPAA compliant. This is especially a concern when customers choose to use TLS only a a secure means of email delivery.

In this article we will break down the various ways that messages are sent securely from LuxSci to recipients across the Internet, and how replies behave — and whether they are secure and compliant. At the end, we provide some recommendations for best practices for maximizing data security.

Read the rest of this post »

A Brief Guide to HIPAA-Compliant SMTP Relaying

Friday, August 10th, 2018

Simple Mail Transfer Protocol (SMTP) is a way in which email travels across the internet. An SMTP relay is a mail server that passes on your email message to another server that can transfer your message to the intended recipient. Email providers like Gmail own and manage SMTP servers; some allow you to connect to their servers directly while others require you to send email via their webmail applications. In the latter case, providers are also safeguarding against the risk of companies sending several emails in a short period of time and engaging in spamming.

Providers that allow direct access to their SMTP servers may or may not support SMTP relaying. ‘Support’ means that you can connect to their SMTP server to send outbound email to recipients whose email is not managed by the provider (e.g., they handle email for luxsci.net addresses but not yahoo.com).

SMTP authentication versus Secure SMTP

To avoid the risk of hackers spamming users, many email providers require authentication (e.g., via a username and password) to use their SMTP servers. Some providers may go beyond SMTP authentication and offer Secure SMTP, encrypting the communication between your computer and their server using SSL/TLS protocols. This way, the contents of your email message cannot be read along the transmission channel to the SMTP relay server.

Read the rest of this post »

Stopping Forged Email 4: Your Last Resorts

Wednesday, March 4th, 2015

In previous posts we have examined how hackers and spammers can send forged email and how it can be extremely difficult to differentiate these messages from legitimate messages.  We have looked at the various common techniques for anti-fraud such as SPFDKIM, and DMARC and seen that, while these technologies can help a lot, they all have limitations; they all require strict and proper setup by the owner of the purported sender’s domain, and they must be well supported by your own spam filtering system.

Yet even with these technologies, it’s not hard in many cases for a determined attacker to send you a forged, fraudulent email message that still looks and feels legitimate.

What else can you do to validate email messages and protect yourself from phishing or social engineering attacks?

Read the rest of this post »