Secure email transfers rely not only on the security of the connection between the email client and the email server but also on secure connections between servers. Many popular and often free email services offer secure end user interfaces (e.g. GMAIL), but neglect to secure back end communication. That means that emails sent to or from the service’s mail servers are transmitted in plain text. While this probably doesn’t matter to most people, it is the equivalent of keeping your mailbox at home secured with a double-lock, but sending and receiving postcards that everyone along the way would be able to read.
To secure the server to server transfer of emails, the provider needs to enable a technology called Transport Layer Security (TLS). Using this requires more processing power and bandwidth than plain text emails, which is why many email providers try to reduce operating costs by not enabling this feature.
To check if your email address or the email address of a contact is secure, go to: www.ismymailsecure.com, enter your address then click “Submit Query”.
An example of a secure address is: [email protected], an example of an insecure address is [email protected].
NOTE: As this is a 3rd party service, we recommend against entering your full address. If your address is ‘[email protected]‘ you should enter a random address before the @ sign, for example: [email protected].