In this article we look at the good, modern practices that must be used when an application or a client communicates with our infrastructure’s mail servers, in order to ensure secure and encrypted communication.
You may check the article below for more information about the differences between SSL/TLS and STARTTLS:
Differences between SSL/TLS vs STARTTLS
In practice, changes to the mail service:
As part of upgrading and strengthening the protection of information transferred over the network when communicating with the mail servers of our infrastructure, the goal is for everyone to use encrypted methods. That’s because we want to ensure user authentication, data integrity and zero chances of a data breach. For this reason, some actions need to be taken.
What changes in our infrastructure:
1. Old TLSv1.0 & TLSv1.1 communication protocols are abolished
2. Encrypted password is also abolished
What does this mean for you and what should you do:
1. For your part, you need to ensure that the applications, mail clients, and operating systems you use are compatible with TLSv1.2 & TLSv1.3. In other words, you should abandon the old communication protocols, TLSv1.0 & TLSv1.1, which are now considered unsafe (they come mainly from old operating systems and old devices) and upgrade to new ones. You can find more information in this article.
2. In addition to the email clients you use, you should also upgrade all the applications and website plugins that communicate with the mail server (such as contact forms, SMTP WordPress Authentication plugins, etc.).
3. Regarding email clients, the article below lists the changes that you should make to the IMAP, POP3 & SMTP communication protocol settings.
Which settings should I use in a Mail Client?
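To check item 1 on the machine that actually runs your application or plugin, the following added example (not part of the original article or of the provider's tooling) reports which TLS versions the local Python/OpenSSL build supports and which version a connection negotiates when TLSv1.0 and TLSv1.1 are refused. The host `mail.example.com` and the ports 587 and 993 are placeholder assumptions.

```python
import smtplib
import socket
import ssl


def modern_tls_context() -> ssl.SSLContext:
    """Client context that verifies the server certificate and refuses TLSv1.0/TLSv1.1."""
    ctx = ssl.create_default_context()  # CERT_REQUIRED + hostname checking
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def runtime_tls_support() -> dict:
    """Which protocol versions the local Python/OpenSSL build can speak."""
    return {"openssl": ssl.OPENSSL_VERSION,
            "TLSv1.2": ssl.HAS_TLSv1_2,
            "TLSv1.3": ssl.HAS_TLSv1_3}


def is_compatible(support: dict) -> bool:
    """True if at least one of the versions the mail servers still accept is available."""
    return bool(support.get("TLSv1.2") or support.get("TLSv1.3"))


def starttls_version(host: str, port: int, timeout: float = 10.0) -> str:
    """SMTP with STARTTLS: return the negotiated version, e.g. 'TLSv1.3'."""
    with smtplib.SMTP(host, port, timeout=timeout) as smtp:
        smtp.ehlo()
        if not smtp.has_extn("starttls"):
            raise RuntimeError("server does not advertise STARTTLS")
        smtp.starttls(context=modern_tls_context())
        return smtp.sock.version()


def implicit_tls_version(host: str, port: int, timeout: float = 10.0) -> str:
    """SSL/TLS from the first byte (IMAP, POP3 or SMTP over TLS): negotiated version."""
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with modern_tls_context().wrap_socket(raw, server_hostname=host) as tls:
            return tls.version()


if __name__ == "__main__":
    # Assumed placeholders: replace the host and ports with your provider's values.
    host = "mail.example.com"
    print(runtime_tls_support())
    print("SMTP 587:", starttls_version(host, 587))
    print("IMAP 993:", implicit_tls_version(host, 993))
```

If the two sides share no protocol version, the handshake raises `ssl.SSLError` instead of returning a version string.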