SSL email help 4-10-21

Secure eMail Transport

A moving target...

With the latest update to our mail server comes a change that is affecting some of our clients using older Mail Applications. SSL/TLS encrypted transporting of email just got more restricted.

SSL/TLS? What is that? It started with Secure Socket Layer (SSL) where your computer and our server agree upon encryption keys and then encrypt all the communications involved in sending and receiving email. This system is also used for web pages, any time you see HTTPS or notice the little lock symbol is locked. Unfortunately some mischievous people found a trick to stealing the keys, so they could watch the mail and web pages go by. So they came out with SSL2, which was eventually broken. SSL3, which was broken, too. Then they redesigned the whole concept and called it Transport Layer Security 1 (TLS1). Well, TLS1 has been broken. So has TLS1.1... You can see the pattern... They are up to TLS1.3 now.

So what does this have to do with my eMail again? Well, over time, it's decided by the powers that be out on the internet that a particular version of SSL/TLS is just too broken to be considered secure enough, and should no longer be used. And with the Mail Server upgrade the weekend of April 10th, we waved goodbye to TLS1. So if your eMail program is so old that TLS1 is the newest encryption it knows about, you just lost the ability to send and receive eMail securely. If you know how to change your email account settings, you can test to see if this is affecting you. If you can't send or receive eMail with the security turned on, but can when you turn the security off, your eMail program is too old.

Do I need secure eMail transport? Our rule of thumb is this: If your computer or device only checks your eMail when you are on our Internet service, no, security isn't really needed. We do not spy on what you say to others. If your computer or device sometimes connects to coffee shops and other hot spots, or you use Internet provided by someone other than us; secure eMail transport is a really good idea. You never know who might be listening in.

OK, so what do I need to do? Depends on what eMail program you are using. Here's what we know so far:



Email Program Affected? Solution Helpful Link
IceWarp Webmail No    
Windows 10 Mail App No    
Windows Live Mail Can be Upgrade to version 2012
Windows Mail on Vista Highly Likely Get Thunderbird Http://
Mac Mail Can be Upgrade MacOS to v10.12 or higher
iPhones Probably not iOS v11 added support for TLS1.2  
iPads Probably not iPadOS v13.1 added support for TLS1.2  
Pegasus Mail Can be Upgrade to a newer version
Outlook Express on XP Highly Likely Get Thunderbird Http://