I am sending private information from a website to a gmail account. The connection between the client browser and gmail should be secure because gmail is served over https. (I know the client itself is a security risk.) What about Webfaction sending mail to Gmail? Can I rely on this being secure, or do I need to encrypt the contents of the email myself? Thanks for any help. Edit: Since posting this question, I have noticed the little red open-padlock icons in gmail. These show that email sent via Webfaction to gmail is often not encrypted. From this evidence, I have decided not to use gmail as a destination for any private website information. asked 04 Feb '16, 11:47 Crantok |
Our SMTP server is configured to use opportunistic outbound TLS encryption - that is, if the recipient MX server supports TLS for the incoming mail handoff, then our SMTP server will encrypt the message before handing it off to the MX. Gmail does support this, so you can have a reasonable expectation that your message will be securely transmitted from our SMTP to Gmail. Note that opportunistic encryption is not perfect - there's a decent explanation of the problem here: THE SAD STATE OF SMTP ENCRYPTION answered 04 Feb '16, 19:58 seanf Thankyou. +1 for the link you posted. Very readable article.
(04 Feb '16, 20:21)
Crantok
|