SMTP TLS (Transport Layer Security for email delivery) is a mechanism email servers can use to pass email between themselves in a secure manner. In essence, two servers which both support TLS first establish an encrypted channel of communications and then they pass email through it, ensuring that the messages are secured during transmission between the servers, even if the messages themselves were not already encrypted.
SMTP TLS is great when your recipients email servers support it. However, some recipient's servers do not (how to tell, TLS support checker tool) — for these, other modes of SecureLineTM, such as Escrow, will be automatically used when encryption is required.
All messages sent by all LuxSci users (including those not using SecureLineTM encryption) always employ "Opportunistic TLS", unless "Forced TLS" is in use.
With SecureLineTM, you can take advantage of the simplicity of TLS encryption when it is possible and know that security will "fall back" to another method when it is not possible or when the recipient's servers no longer support it.
When communicating with many companies (such as banks), "Opportunistic TLS" is insufficient. These organization REQUIRE you to never send them email if it is insecure, even if that is because their own servers are broken. "Forced TLS" handles this.
If you communicate with an organization, like Bank of America, that requires enforced TLS (but where you do not otherwise need to use SecureLineTM encryption services), LuxSci can ensure that all email to that organization goes over TLS or is never sent. SecureLineTM licenses are not even required for this — only an official request for that from your recipients.
Feature | |
---|---|
Meets HIPAA Requirements | |
Use TLS automatically if the recipient's server support's it? | |
Never send messages insecurely to servers not supporting TLS? | |
Never send messages insecurely to servers with broken TLS? | |
Never use TLS with servers providing weak (less than 128bit) encryption? | |
SMTP MTA-STS support? | |
Encrypt messages from you to LuxSci servers? | |
Encrypt messages from LuxSci servers to your recipient's servers? | |
Messages appear in the recipient's INBOX like other normal email messages? | |
Send from LuxSci WebMail? | |
Send from any SMTP program or device (e.g. Outlook, Thunderbird, iPhone)? | |
TLS Exclusive (optional) |
Book 1 in the LuxSci Internet Security Series.
Created by Erik Kangas, PhD
Get the HIPAA eBook