E-Mail encryption

Effective immediately, I have configured my mail server to reject incoming e-mails without transport level security. So if you send me an e-mail and it bounces, there probably will be an error like this in your bounce mail:

530 5.7.0 Must issue a STARTTLS command first

That means that your e-mail provider does not support encrypting emails during transit. I am not talking about end-to-end encryption like PGP or S/MIME where no one but you can decrypt the actual message. Just simple transport encryption between your mail provider and me.

It is 2018 now and after Snowden I consider encryption to be mandatory regardless of content. We need more encryption by default to counteract mass surveillance by Prism, XKeyscore, NSA, GCHQ and the like. That is also why this site itself is HTTPS only. Not because I handle sensitive information but to embrace the new “encrypt by default” world.

So if you can’t send me emails, that means your e-mail provider is bullshitting you. There is no better way to say “I don’t care about my users’ data” than by sending your precious mails over the internet without any protection whatsoever. None of the major providers like Outlook.com or GMail does that anymore. Yell at your current provider and switch immediately to someone who knows what he is doing!

If you are using a company email account: Talk to your mail server administrator and ask him why your company emails are sent unencrypted. That is flat out unacceptable.

If you want to test whether or not your mail provider supports transport level encryption: Check ssl-tools.net.
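
A local way to run the same kind of check, as an added example that is not part of the original post: it tests whether a receiving mail server advertises STARTTLS in its EHLO reply and recognises the 530 rejection quoted above. The function names, the sample EHLO reply and the host `mx.example.org` are constructed for illustration.

```python
import smtplib
import ssl
import sys

# Constructed sample of a multi-line EHLO reply (not captured from a real server).
SAMPLE_EHLO = (
    "250-mx.example.org\r\n"
    "250-SIZE 10240000\r\n"
    "250-STARTTLS\r\n"
    "250 8BITMIME"
)


def advertises_starttls(ehlo_reply: str) -> bool:
    """True if a raw EHLO reply lists the STARTTLS extension (RFC 3207)."""
    for line in ehlo_reply.splitlines():
        # Extension lines look like "250-KEYWORD params"; the last one uses "250 ".
        if len(line) < 4 or not line.startswith("250") or line[3] not in "- ":
            continue
        keyword = line[4:].split(" ", 1)[0]
        if keyword.upper() == "STARTTLS":
            return True
    return False


def is_starttls_required_reply(reply: str) -> bool:
    """True if an SMTP reply is the 530 5.7.0 rejection quoted in the post."""
    parts = reply.strip().split(None, 2)
    return len(parts) >= 2 and parts[0] == "530" and parts[1] == "5.7.0"


def probe(host: str, port: int = 25, timeout: float = 10.0) -> dict:
    """Live check: connect, read the EHLO reply and try the TLS upgrade."""
    result = {"offered": False, "tls_version": None}
    with smtplib.SMTP(host, port, timeout=timeout) as smtp:
        smtp.ehlo()
        result["offered"] = smtp.has_extn("starttls")
        if result["offered"]:
            # Raises if the handshake or the certificate check fails.
            smtp.starttls(context=ssl.create_default_context())
            result["tls_version"] = smtp.sock.version()
    return result


if __name__ == "__main__":
    print("sample offers STARTTLS:", advertises_starttls(SAMPLE_EHLO))
    if len(sys.argv) > 1:  # optional live check, e.g. a host such as mx.example.org
        print(probe(sys.argv[1]))
```

Many networks block outbound port 25, so the live `probe` may time out from a home connection even when the server is fine.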