Who does not support SMTP TLS for Secure Inbound Email Delivery?
We are frequently asked who supports TLS to secure inbound email delivery. This is especially important for customers who need to be HIPAA-compliant, as email transport encryption over TLS is sufficient for HIPAA-compliant communications to end-users, so long as the TLS is configured to be sufficiently strong.
While it is possible to tell who supports TLS, it is somewhat technical to do it yourself. So, we have assembled a table with many of the most popular free and public email domains in use across the internet. We indicate which currently (as of July 8, 2022) supports SMTP TLS for inbound email.
The results are surprising. A majority of domains these days do support TLS. With Microsoft’s recent TLS implementation on its email domains (hotmail.com/live.com/outlook.com), this rounds out consistent TLS support (for inbound delivery–outbound may or may not be supported) for all of the most popular free email providers (e.g., aol.com, gmail.com yahoo.com, hotmail.com).
Note: lists below have been updated as of 7/8/22.
Why Supporting TLS is not Enough
One thing to be wary of is that if TLS is supported, it does not ensure that TLS encryption will sometimes or always be used when messages are delivered. The use of TLS also depends on the sending servers both supporting it and actively choosing to use it. A company like LuxSci will do this automatically when it is available (opportunistic TLS) and can enforce the use of TLS (e.g., will never send without it to domains that support it) to ensure compliance.
You can also use this table to estimate how many folks in your mailing lists are at free providers who support or do not support TLS. You can also use LuxSci’s TLS Checker tool to check TLS support for any domain. The following tables were last updated on 7/8/22.
These lists are not guarantees of TLS support as it could be turned off or otherwise disabled on purpose or by accident by the hosting company. To be absolutely sure whether a domain offers TLS support for inbound and outbound email transmissions, please check with the company providing or hosting the domain’s email services.
Note that our tests below check not just for TLS/SSL “support” but that the inbound servers for these domains support TLS v1.0+ and NIST-recommended ciphers, allowing solid levels of TLS encryption.
What Email Providers Support TLS for email addresses?
|Free/Paid Email Service Provider Domain||Supports Inbound TLS?|
Which ISPs support TLS for email addresses in company-owned domains?
More ISPs for residential or business internet/cable TV/phone services now support TLS.
|Internet Service Provider Company Domain||Supports Inbound TLS?|
Who Supports TLS in custom personal and business domains?
What about custom personal or business domains at popular hosting companies like GoDaddy? This is the natural next question because the above lists only cover email addresses in domains owned by the provider company (free or paid). But what about TLS support for “mypersonaldomain.com” or “ourbusinessdomainname.com”? That depends upon the email infrastructure of the hosting company managing email services for that custom domain.
We have observed TLS support for personal and business domains hosted at various popular hosting companies as listed below. This is by no means a guarantee, as it is solely based on the fact that at some point in the past, a message was transmitted from LuxSci to the hosting company’s mail servers using TLS. To be sure, however, please check with the hosting provider company themselves.
|Hosting Company||Supports Inbound TLS?|
|Rackspace Email & Apps||YES|