A possible defence against email interception

This may startle you: There’s a way to increase security on your email servers.

It’s a protocol whose origins date back to 1999, but if everyone with a mail server adopted it, it would go a long way to making sure email is more secure.

It’s an extension to the SMTP mail transfer protocol called STARTTLS (short for “SMTP Service Extension for Secure SMTP over TLS.”

Norwegian security consultant Per Thorsheim discusses this in a column published this week.

Briefly, the service offers email encryption between two mail servers.

Few servers offer STARTTLS support, he writes, based on a 2010 study of tens of thousands of domains in Norway. Those that did often had badly-configured or expired SSL certificates.

Is this a complete defence to email interception? Maybe not, but it’s something a lot of organizations should look into for enhancing their defences. And the more organizations that adopt STARTTLS, the more effective it will be.

I’d like to hear from you about this idea and whether its practical. Leave a reply in the space below.

Read the whole article here

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@]

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web