General discussion

  • Creator
    Topic
  • #2080596

    SSL/TLS security in emails

    Locked

    by mukul_gandhi ·

    I know about the use of SSL(Secure Socket Layer) for securing web sites. But in email clients also, there is a option of using SSL e.g Netscape client has a option to enable SSL for outgoing messages. How is this option implemented for email clients. I believe email client uses a smtp server for sending messages. How and where SSL comes in picture for emails?
    My 2nd part of the question is TLS(Transport Layer Security) security for emails. Netscape Client has a option to activate TLS also. Howis this implemented ? Netscape email client provides 3 options to use SSL/TLS i.e “never”, “if possible” or “always”

    regards
    -mukul

All Comments

  • Author
    Replies
    • #3895397

      SSL/TLS security in emails

      by jpereira ·

      In reply to SSL/TLS security in emails

      I can’t comment on SSL.

      TLS is implemented by means of PKI type certificates. It needs to be supported at both ends of the connection. You can find out if your SMTP server supports TLS by connecting to port 25 with telnet and then typing “ehlo yourmachine.yourdomain”. (Substitute your own machine and domain for “yourmachine.yourdomain”). It will reply with lots of 250 prefixed messages. If one is “250-STARTTLS” you’re in business. The next stage is to get a certificate from somebody like “Verisign” and install it in your mail client and switch on the options to make it work. This is probably a lot harder than I just made it sound 🙂

Viewing 0 reply threads