Highest Voted 'smtp' Questions - IT Security Stack Exchange

69

votes

2 answers

Why does Gmail (add accounts) using SMTP server recommend SSL instead of TLS?

I stumbled something interesting today when I was adding an account to my gmail one. Why is SSL boldly stated as recommended when TLS supersedes SSL? The links for SSL and TLS is the same: https://support.google.com/mail/answer/22370?hl=en

tls gmail smtp

asked Jun 14 '17 at 04:20

user153882

753
1
5
13

50

votes

5 answers

Why is end-to-end encryption still not default in mails?

I am not a cryptographer. Maybe that is why I don't see the issues with integrating PGP into SMTP. In my head: Lea requests the server of Luke's domain jedi.com to tell her the public key of luke@jedi.com (The request includes an encryption method…

email pgp smtp

asked Jun 16 '16 at 14:02

Chris Pillen

619
5
6

42

votes

4 answers

How (in)secure is POP/IMAP/SMTP

I'm making a few assumptions about basic email security, and I want to confirm or clarify some of these points to make sure I understand the big picture. Please correct me where I'm mistaken: The answer to this question gives some insight, but…

encryption email pgp smtp

asked Feb 14 '14 at 21:01

Joe Enos

523
1
4
7

39

votes

2 answers

How do email clients "send later" without storing a password?

Email clients like Spark for macOS have a feature where a user can send an email later, at any given time, even when the computer is turned off. An SMTP server needs a password based authentication, though. Does that mean that if I use Spark to send…

encryption passwords email smtp imap

asked Sep 10 '19 at 03:27

NikxDa

773
1
5
12

35

votes

4 answers

What steps do Gmail, Yahoo! Mail, and Hotmail take to prevent eavesdropping on email?

I would like to ask what happens when an email is sent from Gmail, Yahoo or Hotmail public web email services? I don't understand email protocols in details, but as far as I know email traffic is unencrypted and the messages are passed along many…

encryption tls email smtp

asked Aug 22 '11 at 22:27

luben

898
2
12
17

33

votes

5 answers

Test STARTTLS configuration of SMTP server

Is there an easy way to test an SMTP server to check for configuration issues associated with STARTTLS encryption, and report on whether it has been configured properly so that email will be encrypted using STARTTLS? Think of the Qualys SSL server…

tls smtp

asked May 27 '14 at 20:36

D.W.

98,420
30
267
572

25

votes

3 answers

What does the email header-line "message opened by mailclient" mean?

Today a Belgian MP claimed (backed up by a security expert) that her email headers show that her email was read during routing (text in Dutch). The published screenshot of the headers highlights the final line in the extended headers: message…

email routing smtp

asked Nov 02 '13 at 14:48

mhermans

541
4
11

21

votes

7 answers

Is there a risk connecting to POP3 or SMTP email server without secure connection?

My ISP gives instructions how to connect to its POP3 and SMTP email servers: These settings will help you to set up your email program. email server: POP3 POP server (incoming): pop.orangehome.co.uk POP incoming port: 110 SMTP server (outgoing):…

tls email smtp

asked Dec 20 '16 at 12:49

Colonel Panic

2,214
2
22
23

18

votes

3 answers

What is the most secured SMTP authentication type?

Say you have to choose only one among the following authentication types for your own SMTP server: LOGIN, PLAIN CRAM-MD5 DIGEST-MD5 NTLM/SPA/MSN Which one would you recommend for optimal security? PS: The list is the authentification types given…

email server smtp

asked Dec 27 '16 at 13:25

user123456

520
1
4
13

16

votes

2 answers

Perfectly secure Postfix MTA (SMTP) configuration

I want to secure my root server (further) service by service, starting with the SMTP service (Postfix MTA) as the most busy one. I the course of setting everything up, I read a lot about security and encryption and tried my best to gather the most…

encryption tls smtp starttls

asked Feb 18 '15 at 16:20

08frak

303
1
2
7

15

votes

3 answers

Can I expect my e-mail to be routed securely?

If I connect to my e-mail server via SSL (SMTP/SSL) and the recipient also only checks his e-mail via SSL (web/https or IMAP/SSL), does this - generally speaking - increase the security for the message content in any way? That is, will the…

tls email smtp

asked Oct 21 '11 at 06:05

Martin

1,247
2
12
19

15

votes

2 answers

What threats come from CRLF in email generation?

I have an application where a code scanner has identified CRLF injection possibilities in some classes related to email generation. I understand how CRLF injection could be used against me on URL-based attacks, but google has been kinda silent on…

injection smtp

asked Mar 25 '14 at 15:46

avgvstvs

940
1
7
19

12

votes

1 answer

How to study the packets sent by a keylogger

One of my friends runescape account got hacked through key-logger. He downloaded a runescape gold generator from a file sharing site and tried to use it. I have a strong doubt that it is a key-logger. So I run the software in a virtual machine and…

encryption malware keyloggers smtp wireshark

asked Feb 04 '13 at 12:42

narayan

383
1
4
11

10

votes

3 answers

Why enable SMTP STARTTLS if OpenSSL is dangerous?

There are a bunch of people in the anti-surveillance movement who are virtually demanding that I enable SMTP STARTTLS support in my environment, in order to enable opportunistic MTA-to-MTA encryption. The same anti-surveillance people are meanwhile…

tls openssl smtp starttls

asked Jul 11 '14 at 08:05

ruief

883
4
11

9

votes

1 answer

Email SSL security?

I use IMAP and I only access my email through SSL. However, the settings for encrypted email access seem a bit more complicated that https. Can someone explain the security implications of the different combinations? I'll use the available settings…

tls email smtp

asked Oct 03 '11 at 08:21

Martin

1,247
2
12
19

Questions tagged [smtp]