Enable TLS on smtp.aa.net.uk: Difference between revisions
m (→Why do this?) |
mNo edit summary |
||
Line 6: | Line 6: | ||
TLS stands for Transport Layer Security - it is similar to https web pages in that the data sent between your email program is sent securely. This is good as it prevents local eaves droppers from seeing your data (and even your username/password credentials if sending using authentication) and it helps confirm that the server you are talking to really is our server and not an impostor. |
TLS stands for Transport Layer Security - it is similar to https web pages in that the data sent between your email program is sent securely. This is good as it prevents local eaves droppers from seeing your data (and even your username/password credentials if sending using authentication) and it helps confirm that the server you are talking to really is our server and not an impostor. |
||
[[File:SMTP-TLS.svg|frame|Enabling TLS is the connection between you and the AAISP email server]] |
[[File:SMTP-TLS.svg|none|frame|Enabling TLS is the connection between you and the AAISP email server]] |
||
It us useful to know that enabling TLS in your email program only affects how you send email to our servers. Once we have received your email we will then send it onwards to the recipients email server. Where possible our servers will also use TLS but if the recipient server does not support TLS then the email will be sent without any encryption. |
It us useful to know that enabling TLS in your email program only affects how you send email to our servers. Once we have received your email we will then send it onwards to the recipients email server. Where possible our servers will also use TLS but if the recipient server does not support TLS then the email will be sent without any encryption. |
Revision as of 10:42, 23 November 2016
This article as about enabling TLS in your existing email program when sending email through the AAISP email servers (smtp.aa.net.uk). If you are setting up an email program from scratch then simply select/tick the options to use TLS. This page gives help when you want to edit an existing account to enable TLS.
Why do this?
Firstly, it is good to understand what TLS is and why enabling TLS is good.
TLS stands for Transport Layer Security - it is similar to https web pages in that the data sent between your email program is sent securely. This is good as it prevents local eaves droppers from seeing your data (and even your username/password credentials if sending using authentication) and it helps confirm that the server you are talking to really is our server and not an impostor.
It us useful to know that enabling TLS in your email program only affects how you send email to our servers. Once we have received your email we will then send it onwards to the recipients email server. Where possible our servers will also use TLS but if the recipient server does not support TLS then the email will be sent without any encryption.
Enabling TLS is different from encrypting your actual message - this can be done with PGP or S/MIME - these methods will mean that your message is encrypted so that only the person you are sending it to can decrypt and read the message.
You can read more about TLS on the Wikipedia page
Certificate Warnings
You should not get a certificate warning when using our outgoing mail server, if you do then please check that the smtp server is set to: smtp.aa.net.uk
How to Enable TLS
Different email clients have different ways to enable TLS, usually it is just a tick box in the email account settings. Here are some pointers:
AAISP Webmail
The AAISP webmail will send email via TLS already.
Thunderbird & Icedove
Edit -> Account Settings -> Outgoing Server (SMTP) -> Edit -> Set "Connection security: STARTTLS"
or
Tools -> Account Settings -> Outgoing Server (SMTP) -> Edit -> Set "Connection security: STARTTLS"
Windows Live Mail
Accounts -> select your account -> Properties -> Advanced -> Under Outgoing mail (SMTP) Tick "This server requires a a secure connection"
Outlook (newer eg 2010)
File -> Info -> Accounts Settings -> Select your account -> Change -> More Settings -> Advanced -> Set "Use the following type of encrypted connection: TLS"
Outlook (older, eg 2003)
Tools -> Account Settings... -> Change -> More Settings -> Advanced -> Set "Use the following type of encrypted connection: TLS""
iPhone default mail app
Settings -> Mail, Contact, Calendars -> Choose your email account -> Advanced -> SMTP -> Set "Use SSL: ON"
Android (possibly older) default Email app
Menu -> Settings -> Tap the cog icon next to your account -> Outgoing settings -> Set "Security type: STARTTLS
K9 (Android)
Select the email account -> Settings -> Account Settings -> Sending mail -> Outgoing Server -> Set "Security: STARTTLS"