Thursday, 27 September 2018

security - Secure email sending with Thunderbird?


In the Thunderbird 3 SMTP configuration dialog, there's a security section:


Thunderbird sending mail dialog


If I want to send email without naughty hackers intercepting it, what should I choose? The "Connection security" options are "None", "STARTTLS" and "SSL/TLS" - which is best?


Do I need an authentication method, or is that just for the mail server to know who I am? (if so I don't care about this, since I can already send email without problems.)



Answer



First you need to know if your mail server is capable of or even allows you to send mail through SSL (Secure Sockets Layer) or TLS (Transport Layer Security) modes.


Basically the options break down to this:




  • None
    No encryption on the outgoing emails. They will be sent as plain as day between you and the server.




  • STARTTLS (formerly TLS in Thunderbird 2)
    The mail client will ask the server if it's possible to send through using TLS and if so, use the secure method. If not, silently fail and send through as a normal plain connection.




  • SSL/TLS (SSL in Thunderbird 2)
    Similar to above, but it assumes you can already send through using the secure mode and attempts to do so. If you're not allowed, it will fail and not send. This is the most secure method.




If you're told to use port 465 for outgoing and 995 for incoming then you're likely able to send through SSL.


No comments:

Post a Comment

Where does Skype save my contact's avatars in Linux?

I'm using Skype on Linux. Where can I find images cached by skype of my contact's avatars? Answer I wanted to get those Skype avat...