SSL and TLS Protocols for Secure Email Connections
Using a Secure Sockets Layer (SSL) and Transport Layer Security (TLS) is an important method for sending secure email to clients, business partners, and other contacts. Both provide encrypted connections for incoming and outgoing messages, allowing an email server to authenticate the login credentials to send and receive emails.
The advantage of using secure connection protocols is to prevent hackers from hijacking the email account while connected to the Internet, especially if the network connection uses a public wireless or non-encrypted network. Using secure connections to send and receive email with a browser or email program prevents attackers from gaining access to cookies. Cookie sessions can be hijacked while the email session is in progress.
How to Enable the SSL for a Secure Email Service
It is easy to take advantage of SSL connection in any email program that provides the option enabling it. For example, in Microsoft
- Click on Tools, and then click Account Settings
- Double-click an email account to bring up account settings.
- Click More Settings button at the lower right-hand corner, and then click the Advanced tab.
- Under Incoming server (POP3), put a checkmark on the box before “This server requires an encrypted connection (SSL)”
Microsoft Outlook will automatically change the port number from 110 to 995 which is the SSL port number to receive emails using secure connection. To send a secure connection using SSL or TLS, simply change the port number 25 to 465 or 587, which is the port numbers for SSL or TLS, respectively. Next, click on the drop-down menu to select SSL or TLS.
Enabling SSL to Use with Web-Based Email Service
Gmail, Hotmail, and Yahoo allow the use of SSL connections to send and receive emails, whether you access the email account using an email program in the computer, smart phone, or via a web-browser.
For example, if you are using Google Apps to host your email service, you have the option to enable the SSL connection:
- Sign in to the Google Apps administrator control panel
- Click Domain settings.
- Under the General tab and in the SSL section, check the box next to Enable SSL.
- Save the settings.
Your employees or client computers will now be able to enable SSL for a secure email service using their email client or smart phones.
Hotmail and Yahoo email account users may also take advantage of SSL for secure email service by simply enabling and configuring the port numbers, port 995 for incoming servers, and then port numbers 465 or 587 for an outgoing server that is encrypted. Note only that Windows Live and Hotmail users should enable the use of HTTPs to secure the connection to email servers of Microsoft. This option was made available by Microsoft on November 9, 2010. Check out the announcement at Windows Live team blog.
Using the SLL connection really provides a secure email service, especially if the recipient is also using a secure connection. However, you should note that if the email you send goes through another email server that is not using an SSL connection, the message is no longer being sent using a secure email service. The only method to send or receive a secure email service, no matter which server it goes through, is by using secure email certificates.
Image credits: Screenshot taken by the author; https://commons.wikimedia.org/wiki/File:Password.svg By David Vignoni [LGPL (www.gnu.org/licenses/lgpl.html)], via Wikimedia Commons