LuxSciLuxSci
be Smart.
be Secure.
Phone: 800-441-6612
sales@luxsci.com
support@luxsci.com

Who does not support SMTP TLS for Secure Inbound Email Delivery?

Note: lists below have been updated as of 1/14/2015.

We are frequently asked how common is the support of SMTP TLS  for securing inbound email delivery to recipients across the Internet.  This is especially important for customers who need to be HIPAA compliant, as email transport encryption over TLS is sufficient for HIPAA compliant communications to end users, so long as the TLS is configured to be sufficiently strong.

While it is possible to tell who supports TLS, its is somewhat technical to do yourself.  So, we have assembled a table with many of the popular free / public email domains in use across the Internet and indicate which currently (as of January 14th, 2015) support SMTP TLS for inbound email.

The results are surprising.  A majority of domains these days do support TLS, and with Microsoft’s recent TLS implementation on its email domains (hotmail.com/live.com/outlook.com), this rounds out consistent TLS support (for inbound delivery–outbound may or may not be supported)  for all of the most popular free email providers (e.g. aol.com, gmail.com yahoo.com, hotmail.com).
One thing to be wary of — just because they support TLS inbound does not ensure that TLS encryption will sometimes or always be used when messages are delivered to them.  Use of TLS also depends on the sending servers both supporting it and actively choosing to use it.  A company like LuxSci will do this automatically when it is available (opportunistic TLS) and can enforce use of TLS (e.g. will never send without it to domains that support it) to ensure compliance.

You can also use this table to estimate how many folks in your mailing lists are at free providers who support or do not support TLS.  You can also use LuxSci’s TLS Checker tool to check TLS support for any domain that you like. The following tables were last updated 1/14/2015.

These lists are not absolute guarantees of TLS support as it could be turned off or otherwise disabled on purpose or by accident by the hosting company. To be absolutely sure whether a domain offers TLS support for inbound and outbound email transmissions, please check with the company providing or hosting the domain’s email services.

Note that our tests below check not just for TLS/SSL “support” but check that the inbound servers for these domains support TLS v1.0+ and NIST-recommended ciphers, allowing solid levels of TLS encryption.

TLS Support for email addresses in email provider domains (i.e. ‘address@hostingcompany.com’)

 

Free/Paid Email Service Provider Domain Supports Inbound TLS?
aol.com YES
atmailcloud.com YES
fastmail.fm YES
gmail.com YES
gmx.com YES
gmx.us YES
googlemail.com YES
hotmail.com YES
hotmail.fr YES
hotmail.ru no
hushmail.com YES
icloud.com YES
inbox.com no
inbox.ru YES
live.com YES
live.de YES
lovesemail.com YES
luxsci.net YES
luxsci.me YES
mail.com YES
me.com YES
msn.com YES
outlook.com YES
polarismail.net YES
rediffmail.com YES
runbox.com YES
yahoo.co.jp no
yahoo.co.uk YES
yahoo.com YES
yahoo.com.br YES
yahoo.com.cn YES
yahoo.de YES
yandex.ru YES
ymail.com YES
zoho.com no

TLS Support for email addresses in ISP (Internet Service Provider) company owned domains (i.e. ‘address@ispcompany.net’)

As evidenced below, the email address provided by your ISP company with your residential or business internet/cable TV/phone services, is generally not configured to support TLS.

Internet Service Provider Company Domain Supports Inbound TLS?
comcast.net YES
cox.net no
earthlink.net no
mindspring.com no
rogers.blackberry.net no
sbcglobal.net YES
sprint.blackberry.net no
verizon.net YES

TLS Support for email addresses in custom personal/business domains

What about custom personal or business domains at popular hosting companies like GoDaddy etc.? This is the natural next question to ask, because the above lists only cover email addresses in domains owned by the provider company (whether free or paid). But what about TLS support for “mypersonaldomain.com” or “ourbusinessdomainname.com”? That depends upon the email infrastructure of the hosting company managing email services for that custom domain.

We have observed TLS support for personal/business domains hosted at various popular hosting companies as listed below. This is by no means a guarantee as it is solely based on the fact that at some point in the past, a message was transmitted from LuxSci to the hosting company’s mail servers using TLS. To be absolutely sure, however, please check with the hosting provider company themselves.

Hosting Company Supports Inbound TLS?
EuMX YES
Fastmail Hosting YES
GoDaddy Hosting no
Google Apps YES
InMotion Hosting YES
LuxSci Hosting YES
Netfirms Hosting YES
Network Solutions YES
Polarismail Hosting YES
Rackspace Email & Apps YES
Runbox Hosting YES
World.com Hosting YES

One Response to “Who does not support SMTP TLS for Secure Inbound Email Delivery?”

  1. SMTP TLS vs Secure Message Pick Up: Which is Better for HIPAA? - LuxSci FYI Says:

    […] SMTP TLS: Encrypting the message only while it transmitted between the sender’s and the recipient’s servers.  See: SMTP TLS: All about secure email delivery over TLS.  Note that SMTP TLS is only supported by some email service providers. […]

Leave a Comment

You must be logged in to post a comment.

• Access Anywhere
• Fast and Robust
• Super Secure
• Tons of Features
• Customizable
• Mobile Friendly

Send and receive email from your favorite programs, including:

 Microsoft Outlook
 Mozilla Thunderbird
 Apple Mail
 Windows Mail

... Virtually any program that supports POP, IMAP, or SMTP

Keep your email, contacts, and calendars in sync:

 Apple iPhone and iPad
 Android Devices
 BlackBerry
 Windows Phone

... Any device with Exchange ActiveSync (EAS) support

Relay your server's mail through LuxSci via smarthost:

• Resolve issues with ISP sending limits and restrictions
• Improve deliverability with better IP reputation and IP masking
• Take advantage of Email Archival and HIPAA Compliance
• Even setup smarthosting from Google Apps!

Free web site hosting with any email account:

• Start with up to 10 web sites and MySQL databases
• DNS services for one domain included
• Tons of features and fully HIPAA capable

LuxSci's focus on security and privacy:

• Read The Case for Email Security
• Read Mitigating Security & Privacy Threats
• Review our Privacy Policy

The most accurate, flexible, and trusted filters in the business:

• Premium protection with Intel Security Saas
• Realtime virus database guards against the latest threats
• Seven-day quarantine lets you put eyes on every filtered email
• Supplement with our Basic Spam Filter for even more features

End-to-end secure email encryption — to anyone, from anyone:

• No setup required — encryption is automatic and easy to use
• Secure outbound email with TLS, PGP, S/MIME, or Escrow
• Free inbound encryption via our SecureSend portal
• Independent of your recipient's level of email security
• Widely compatible and fully HIPAA Compliant

Add an extra layer of security with an SSL Certificate:

• Secure your web site
• Debrand LuxSci WebMail with your own secure domain
• Access secure email services via your own secure domain

Encrypt your service traffic via secure tunnel:

• Add another layer of security to your SSL connections
• WebMail, POP, IMAP, SMTP, web/database access
• SecureForm posts, SecureLine Escrow, SecureSend access
• Restrict your account to VPN access only

Secure long-term message archival:

• Immutable, tamperproof email retention with audit trails
• No system requirements — minimal setup, even less upkeep
• Realtime archival of all inbound and outbound messages
• Works anywhere — even with non-LuxSci email hosting

Free data backups included with all email hosting accounts:

• Automatic backups of all email, WebAides, web/database data
• Seven daily backups and up to four weekly backups
• Unlimited restores included at no additional cost
• Custom backup schedules for dedicated servers

Automate your email management:

• Save messages to specific folders or to LuxSci WebAides
• Advanced text scanning with regular expressions
• Tag messages, alter subject lines, or add custom headers
• Filter by message charset, type, TLS status, DKIM status
• Chain filters together for even more complex actions

• Bulk add and edit users, aliases and more
• Control sharing and access globally or on a granular level
• Delegate user roles through permissions
• Configure account-wide taglines, sending restrictions, and more
• Remotely administer account via SOAP API

Share, collaborate, organize, synchronize:

• Calendars, Contacts, Documents, Notes, Widgets, Workspaces
• Fine-grained access control and security
• Access anywhere via secure web portal or smartphone
• Save over solutions like Microsoft Exchange

Free folder sharing for all email hosting accounts:

• Share mail folders with other users in your account
• Subscribe to only the folders you want to see
• Set read-only or read-write access control
• View all personal and shared folders via unified web interface

Color code and label your email messages:

• Define and assign multiple IMAP keywords to each message
• Filter, search, and sort by tags
• Compatible and synchronizes with any IMAP email client
• Also usable with WebAide entries