In the Thunderbird 3 SMTP configuration dialog, there's a security section:
If I want to send email without naughty hackers intercepting it, what should I choose? The "Connection security" options are "None", "STARTTLS" and "SSL/TLS" - which is best?
Do I need an authentication method, or is that just for the mail server to know who I am? (if so I don't care about this, since I can already send email without problems.)
Answer
First you need to know if your mail server is capable of or even allows you to send mail through SSL (Secure Sockets Layer) or TLS (Transport Layer Security) modes.
Basically the options break down to this:
None
No encryption on the outgoing emails. They will be sent as plain as day between you and the server.STARTTLS (formerly TLS in Thunderbird 2)
The mail client will ask the server if it's possible to send through using TLS and if so, use the secure method. If not, silently fail and send through as a normal plain connection.SSL/TLS (SSL in Thunderbird 2)
Similar to above, but it assumes you can already send through using the secure mode and attempts to do so. If you're not allowed, it will fail and not send. This is the most secure method.
If you're told to use port 465 for outgoing and 995 for incoming then you're likely able to send through SSL.
No comments:
Post a Comment