General discussion

  • Creator
  • #2080596

    SSL/TLS security in emails


    by mukul_gandhi

    I know about the use of SSL(Secure Socket Layer) for securing web sites. But in email clients also, there is a option of using SSL e.g Netscape client has a option to enable SSL for outgoing messages. How is this option implemented for email clients. I believe email client uses a smtp server for sending messages. How and where SSL comes in picture for emails?
    My 2nd part of the question is TLS(Transport Layer Security) security for emails. Netscape Client has a option to activate TLS also. Howis this implemented ? Netscape email client provides 3 options to use SSL/TLS i.e “never”, “if possible” or “always”


All Comments

  • Author
    • #3895397

      SSL/TLS security in emails

      by jpereira

      In reply to SSL/TLS security in emails

      I can’t comment on SSL.

      TLS is implemented by means of PKI type certificates. It needs to be supported at both ends of the connection. You can find out if your SMTP server supports TLS by connecting to port 25 with telnet and then typing “ehlo yourmachine.yourdomain”. (Substitute your own machine and domain for “yourmachine.yourdomain”). It will reply with lots of 250 prefixed messages. If one is “250-STARTTLS” you’re in business. The next stage is to get a certificate from somebody like “Verisign” and install it in your mail client and switch on the options to make it work. This is probably a lot harder than I just made it sound 馃檪

Viewing 0 reply threads