Secure email transmission and STARTTLS

When an email is sent via SMTP (Simple Mail Transfer Protocol), it needs to be encrypted so it can safely land in the inbox of the recipient. The encryption is handled by StartTLS together with TLS (Transport Layer Security) or the older SSL (Secure Sockets Layer).


What is StartTLS?

StartTLS is not a protocol, but a command that tells the server that the email client (such as eM Client) wants to upgrade an insecure connection to a secure one using TLS or SSL. StartTLS is used together with IMAP (Internet Message Access Protocol) and SMTP. It basically says to the server “From now on, let’s use encrypted communication”.
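The upgrade described above can be checked in a recorded SMTP session: anything the client sends before the server accepts STARTTLS is still readable on the wire. The following is an added example, not code from eM Client; the transcripts and hostnames are constructed, and `audit_smtp_session` is a hypothetical helper name.

```python
# Constructed sample sessions (not real captures). "C:" is the client, "S:" the server.
EHLO = ("S: 220 mail.example.test ESMTP\n"
        "C: EHLO client.example.test\n"
        "S: 250-mail.example.test\n"
        "S: 250-STARTTLS\n"
        "S: 250 AUTH PLAIN LOGIN\n")
UPGRADED = EHLO + "C: STARTTLS\nS: 220 Ready to start TLS\n"
PLAINTEXT = EHLO + ("C: AUTH PLAIN <redacted>\n"
                    "S: 235 Authentication successful\n"
                    "C: MAIL FROM:<alice@example.test>\n")

# Commands that carry credentials or message data.
SENSITIVE = ("AUTH", "MAIL FROM", "RCPT TO", "DATA")

def audit_smtp_session(transcript):
    """Return (upgraded, findings) for the cleartext part of an SMTP session."""
    offered = requested = False
    findings = []
    for line in transcript.splitlines():
        side, _, text = line.partition(": ")
        upper = text.upper()
        if side == "S":
            # EHLO capability lines look like "250-STARTTLS" or "250 STARTTLS".
            if upper[:3] == "250" and upper[4:].strip() == "STARTTLS":
                offered = True
            elif requested and upper.startswith("220"):
                # Server accepted: the TLS handshake follows, and nothing
                # after this point travels as readable text.
                return True, findings
            elif requested:
                findings.append("server refused STARTTLS: " + text)
                requested = False
        elif side == "C":
            if upper == "STARTTLS":
                requested = True
            elif upper.startswith(SENSITIVE):
                findings.append("sent unencrypted: " + text.split()[0])
    findings.append("STARTTLS offered but never used" if offered
                    else "server never advertised STARTTLS")
    return False, findings
```

A session that returns `(True, [])` was upgraded before any credentials or message data were sent; any other result lists what was exposed and why.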

What is SSL and TLS?

SSL (Secure Sockets Layer) is a protocol that inserts an additional layer between the transport layer (TCP/IP) and the application layer (e.g. HTTP, FTP, IMAP, etc.), which secures the communication by encryption and enables authentication (identity verification) of the communicating parties. The result is an encrypted HTTPS, FTPS or IMAPS protocol.

SSL has been replaced by the newer TLS protocol (Transport Layer Security). TLS is more modern and uses stronger encryption algorithms. Unlike SSL, TLS allows you to start communication in an unencrypted format and deploy encrypted security on servers that host multiple domains on a single IP address (called VirtualHost). These servers can then use TLS to secure communications for multiple domains without having to dedicate a separate public IP address to each.

Both protocols use a combination of symmetric and asymmetric cryptography, which balances performance with the security of the data being transmitted. If, by any chance, the communication is intercepted, the content of the message will look like a meaningless mix of characters. Decrypting the message requires a key, and only the communicating parties hold the correct one.

To wrap it up, StartTLS is a very important command that makes sure your communication is safe and secure. Even though it says “StartTLS”, that does not mean it works only with TLS; it works with SSL as well. As mentioned, StartTLS is used together with IMAP and SMTP, but the older POP3 uses a slightly different command called STLS.

Which protocols does eM Client use?

eM Client will always use the most modern and secure communication encryption technology available in your system and on your mail server. For modern systems and mail servers, this is currently TLS 1.3, but TLS 1.2 remains widely used, so eM Client won’t stop supporting it either.
