Anyone who sends their emails without encryption, sends them on the one hand with an easily vulnerable transmission and on the other hand in clear text. This allows unauthorized persons to easily intercept e-mail en route to the recipient, but also to read intercepted messages without any difficulty. With SSL/TLS you can encrypt your emails and thus adequately protect your messages against unauthorized access.
Securing your emails: a question of encryption
Without encryption, the contents of emails are about as secret as the contents of a postcard. If the card or email falls into the wrong hands, the entire text may be shamelessly read. This is why powerful encryption methods have been developed to protect both the content of emails and their transmission. Regarding email encryption, we can distinguish three categories:
- Encrypt email transmission
- Encrypt email content
- Encrypt archived emails
Encrypt email transmission with SSL/TLS
The tool needed to securely send the content of an email is the transmission protocol Transport Layer Security (TLS), used universally. He is better known by his old name, Secure Sockets Layer (SSL). A email encrypted with SSL/TLS guarantees that its contents cannot be decrypted by third parties, because they do not have the necessary key. So it doesn't matter whether the email is retrieved or sent via an email client such as Outlook or via a web browser. SSL/TLS technology is not only used for sending emails, but also, for example, to secure data in online banking or in e-commerce.
Note
These days, when we talk about SSL/TLS, we almost always refer to TLS. SSL is obsolete and no longer used for encryption of transmissions. We cover this topic in more detail in our “TLS vs. SSL” article.
Secure email address for your digital privacy
- Professional data protection and security
- Email encryption with SSL/TLS
- Antivirus protection with firewall and spam filters
- Daily backups, daily protection
Secure email content with S/MIME or PGP
If you want to encrypt the actual content of emails, you can choose between different techniques, such as the standard S/MIME method or the PGP method, which is also well established. Both use asymmetric encryption. While traditional encryption and decoding methods access the same key, asymmetric encryption uses two keys : a private key known only to the sender and a public key freely accessible to all recipients.
Encrypt archived emails using software
Encryption of emails is of basic importance, even if they remain stored in a mailbox or in archives after reading. It is only thanks to this encryption that you can face the possibility of attacks by cybercriminals who access your account and therefore all the emails stored there. For additional protection of your data, you can use thetwo-factor authentication (especially when using webmail clients) or encrypt your hard drive Or relevant folders and files (when using email or desktop clients or applications).
After briefly explaining the most important basic elements regarding email encryption and secure message transmission in the previous sections, in the following sections we detail the concrete implementation of individual security measures in a little detail.
Encrypt email transmission in web clients
Serious email providers have long offered their web services via the secure HTTPS protocol by default. You can recognize it on the one hand by the URL which begins with “https” instead of “http”. Additionally, you can check in your browser's address bar, usually using a padlock symbol, whether the webmail client has an SSL/TLS certificate.
Encrypt email transmission in desktop email clients
You can also encrypt connections to the mail server via SSL/TLS in the mail client on PC or in a corresponding application on your smartphone or tablet. For this, the decisive point to be defined is the port used for sending and receiving. The corresponding parameters can be found in the account settings of the email program. There is also often a general option to activate the SSL/TLS encryption of emails. Upon enabling this feature, the program usually configures the appropriate ports automatically. You can otherwise do it manually, by entering different numbers depending on the type of receiving server (POP3 or IMAP) or sending:
- Incoming mail server (IMAP) : 993
- Incoming mail server (POP3) : 995
- Outgoing mail server (SMTP) : 465
Select “ SSL » as the type of connection (technically, it is indeed a “TLS” encryption, despite the “SSL” inscription).
Note
If the StartTLS function is activated in the options, SMTP then requests port 587 (and more rarely port 25) for the establishment of encrypted connections using this technique.
Encryption of email content: the example of Mailvelope
If you not only want to use a secure SSL/TLS connection, but also send and receive encrypted emailsyou have many programs available that allow you to access the S/MIME and PGP encryption methods already mentioned. If you send and receive your emails using a web client, the easiest way is to use a browser extension as Mailvelopewhich will serve as an example in this article.
Mailvelope is compatible for Firefox, Edge and Google Chrome and allows PGP email encryption to be used in various webmail services. The first step is to install the extension via the plugin or the Extension-Center (direct links can be found on the Mailvelope homepage).
Once the extension is installed, a pop-up window will appear. Click “Get Started” to start the setup. You will then be redirected directly to the key manager, which logically does not yet contain a key pair for email encryption. To do this, click on “ Generate Key ”, then enter the required information:
If you select the « Upload public key to Mailvelope Key Server » option, contact partners can obtain it from there to also send you encrypted emails. As soon as the PGP key pair has been generatedyou then receive a confirmation message as well as a first encrypted email, which Mailvelope sends to the email address indicated. Open the message then click on the icon in the center (“Show message”), then enter the password for the key generated previously.
The message will be decoded and a link will be visible. Click on this link to activate your email address and encrypt your future emails. For encryption, you will now find a specific Mailvelope button in the message editor of the corresponding web client, which you should use every time you want to encrypt the content of emails.
Secure email address for your digital privacy
- Professional data protection and security
- Email encryption with SSL/TLS
- Antivirus protection with firewall and spam filters
- Daily backups, daily protection
Email encryption with IONOS Mail
Obsolete versions TLS and SSL have been permanently disabled on IONOS mail servers. If you use IONOS Webmail, you don't have to worry about anything, because encryption is always guaranteed.
If you use IONOS Mail in a email program on your PC or smartphone (e.g. Outlook, Thunderbird, Apple Mail), make sure the SSL/TLS encryption is activated.
To enable SSL/TLS in your email client, follow these steps:
- Open your mailbox settings.
- Enable SSL/TLS encryption for the latter.
- Configure the appropriate ports for the receiving and sending servers:
- Reception via POP3 (SSL/TLS): 995
- Receiving via IMAP (SSL/TLS): 993
- Sending via SMTP (SSL/TLS): 465
To learn how to enable encryption for IONOS messaging on Android, iOS and others, please see our article on enabling SSL/TLS encryption in the IONOS Help Center.
