I met with an IT friend of mine and we had a discussion about security and email. I have been recommending that everyone uses SSL or TLS to connect to their server when they are reading or writing emails.
Using SSL or TLS secures your connection to your server and ensures that your login details cannot be compromised by a third party. Email programs that do not use SSL or TLS send the login details in plain text. If this was intercepted by a third party, then the password details could be read, and a potential spammer could use your SMTP (sending email server) to send out lots of spam messages. Or read your mail and access your account.
Once your email has reached your sending server, it may then be handled in plain text across the internet over multiple hops (Mail Relays) to the destination server, because that connection is generally not encrypted.
There are several systems out there, and they all need to play nicely together, but the bottom line is we should consider at the worse case all email to be insecure. Even though we may be applying best practices at the send and receive server end of the system.Continue reading Is email secure?