Use Secure Email

May 2018 — Tip of the Month

In the early days of the Internet, security was not an afterthought, but it was also not a top priority. Early protcols were designed to be reliable and efficient, rather than secure. The standard protocols used to send and receive email, for example, are notoriously insecure.

Fortunately, modern email services incorporate SSL, which encrypts the transmission of email messages and attachments. While SSL is now the default setting for most email services, if you set up your own accounts in an email client, you may have to manually select the SSL options. If you have old accounts, it may be a good idea to review your account settings and make sure you are enforcing a secure connection.

To encrypt your email transmissions, you need to use SSL for both incoming (POP3 or IMAP) and outgoing (SMTP) mail transfers. These protocols typically require different ports for SSL connections than for standard ones. Below are the commonly used ports.

SSL Email Port Settings:

POP3: Port 995 (rather than 110)
IMAP: Port 993 (rather than 143)
SMTP: Port 465 (rather than 25 or 587)

Below is an example of secure emails settings in Apple Mail, the email client included with macOS. Notice how the TLS/SSL checkbox is checked. The IMAP port is 993 and the SMTP port is 465.

By using SSL for your email transmissions, your login and email messages will be encrypted. This prevents other users on a network (such as an open wireless network in a coffee shop) from possibly eavesdropping on your email messages using a packet sniffer or other program. And don't worry — the mail server and your email client will automatically decrypt the messages, meaning you and your recipients won't notice the difference.

- Per Christensson