TLS & Email Encryption

How Transport Layer Security protects your emails in transit.

Transport Layer Security (TLS) encrypts email as it travels between mail servers. Without TLS, your emails travel across the internet in plaintext, readable by anyone who intercepts them.

How Email TLS Works

When a mail server connects to another to deliver email, it can negotiate TLS encryption using the STARTTLS command. This "opportunistic TLS" encrypts the connection if both servers support it.

# Simplified SMTP conversation with STARTTLS
S: 220 mail.example.com ESMTP
C: EHLO sender.com
S: 250-mail.example.com Hello
S: 250-STARTTLS                    # Server offers TLS
S: 250 OK
C: STARTTLS                        # Client requests TLS
S: 220 Ready to start TLS
[TLS handshake occurs]
# All subsequent communication is encrypted

The Problem with Opportunistic TLS

Opportunistic TLS has a critical weakness: it's vulnerable to downgrade attacks. A man-in-the-middle attacker can strip the STARTTLS capability from the server's response, forcing plaintext transmission.

STARTTLS Stripping Attack

An attacker intercepts the connection and modifies the server's response to remove the STARTTLS option. The sending server believes TLS isn't available and sends in plaintext.

Solution: MTA-STS and DANE tell senders your domain requires TLS, preventing downgrades.

TLS Versions

| Version | Status     | Recommendation                         |
|---------|------------|----------------------------------------|
| TLS 1.3 | Current    | Preferred - fastest and most secure    |
| TLS 1.2 | Secure     | Acceptable - widely supported          |
| TLS 1.1 | Deprecated | Disable - known vulnerabilities        |
| TLS 1.0 | Deprecated | Disable - POODLE, BEAST attacks        |
| SSL 3.0 | Broken     | Never use - fundamentally insecure     |

Enforcing TLS

There are two main methods to enforce TLS for inbound email:

MTA-STS (Recommended)

Publishes a policy via DNS and HTTPS that declares your domain requires TLS. Widely supported by major providers.


DANE (Advanced)

Uses DNSSEC to publish certificate information directly in DNS. Provides stronger security but requires DNSSEC.


TLS Reporting (TLS-RPT)

TLS-RPT lets you receive reports when sending servers encounter TLS failures while delivering to your domain. This helps you identify issues before they affect email delivery.

# TLS-RPT DNS record
_smtp._tls.example.com TXT "v=TLSRPTv1; rua=mailto:tlsrpt@example.com"

# Fields:
# v=TLSRPTv1  - Version
# rua=        - Reporting address (mailto: or https:)
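The following is an added example (not code from this page or from any mail server) that ties the STARTTLS stripping scenario above to MTA-STS enforcement and TLS-RPT reporting: it parses a receiver's EHLO reply for the STARTTLS capability, reads the rua= targets from a TLS-RPT record, and decides whether a sending MTA should encrypt, deliver in plaintext, or refuse the hop. The EHLO replies and the policy modes ("none", "testing", "enforce" are the MTA-STS modes) are constructed inputs, and the real MTA-STS checks of MX hostnames and certificates are not modelled.

```python
"""Added example: a sending MTA's per-hop decision given the receiver's EHLO
reply, the recipient domain's MTA-STS mode and its TLS-RPT record. Simplified
illustration of RFC 5321 / 8461 / 8460 fields, not a full MTA implementation."""
import re

# Constructed inputs (not captured from a real server).
EHLO_WITH_STARTTLS = "250-mail.example.com Hello\r\n250-STARTTLS\r\n250 OK\r\n"
EHLO_STRIPPED = "250-mail.example.com Hello\r\n250 OK\r\n"  # STARTTLS line removed
TLSRPT_RECORD = "v=TLSRPTv1; rua=mailto:tlsrpt@example.com"


def ehlo_capabilities(reply: str) -> set[str]:
    """Return the keywords advertised in a multi-line 250 EHLO reply.
    The first line carries the server's domain and greeting, so it is skipped."""
    caps = set()
    for line in reply.splitlines()[1:]:
        m = re.match(r"^250[ -](\S+)", line)
        if m:
            caps.add(m.group(1).upper())
    return caps


def tlsrpt_addresses(record: str) -> list[str]:
    """Extract the rua= reporting URIs from a TLS-RPT TXT record; [] if not TLS-RPT."""
    fields = dict(f.strip().split("=", 1) for f in record.split(";") if "=" in f)
    if fields.get("v") != "TLSRPTv1":
        return []
    return [u.strip() for u in fields.get("rua", "").split(",") if u.strip()]


def delivery_decision(reply: str, mta_sts_mode: str, tlsrpt_record: str = "") -> dict:
    """Decide the action for this hop. mta_sts_mode is the MTA-STS policy mode
    ("none", "testing" or "enforce"); "none" also models a domain with no policy.
    report_to lists where a TLS failure would be included in the next aggregate report."""
    if "STARTTLS" in ehlo_capabilities(reply):
        return {"action": "starttls", "report_to": []}
    # No STARTTLS offered: the server either lacks TLS or the capability was stripped.
    report_to = tlsrpt_addresses(tlsrpt_record)
    if mta_sts_mode == "enforce":
        return {"action": "refuse", "report_to": report_to}    # queue or bounce, never plaintext
    if mta_sts_mode == "testing":
        return {"action": "plaintext", "report_to": report_to}  # deliver, but report the failure
    return {"action": "plaintext", "report_to": []}             # opportunistic TLS: silent downgrade
```

The "none" branch is exactly the downgrade the page describes: without an enforcing policy the sender has no way to tell a server that lacks TLS from one whose STARTTLS line was stripped.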

Certificate Best Practices

  • Use a trusted CA — Don't use self-signed certificates for production
  • Match hostnames — Certificate must match your MX hostname
  • Keep certificates current — Set up automatic renewal (Let's Encrypt)
  • Use strong cipher suites — Disable weak ciphers like RC4, 3DES
