Some of the biggest tech companies like Google, Microsoft, Yahoo, LinkedIn and Comcast have partnered to propose a new e-mail mechanism, called SMTP (Simple Mail Transfer Protocol) Strict Transport Security (SMTP STS) that ensures encrypted e-mails.
This email mechanism is making for users information more secure, and it checks if the domain a user is sending to supports SMTP STS and makes sure its encryption certificate is authenticated and up-to-date. The current e-mail encryption system is susceptible to man-in-the-middle attacks. If for some reason the mechanism detects any problem, it would not let the email pass through and will let the sender know the reason.
“SMTP STS is a mechanism enabling email service providers to declare their ability to receive TLS-secured connections, to declare particular methods for certificate validation, and to request sending SMTP servers to report upon and refuse to deliver messages that cannot be delivered securely,” said the proposal
Google, Microsoft, Yahoo, LinkedIn and other companies themselves are using the secure method and working on encrypting emails to make the personal information more secure. For example, Google uses the encryption method for its Gmail or email service, by flagging those email providers that don’t support Transport Layer Security (TLS) encryption, which is aimed at ensuring a connection is secure before exchanging data between server and clients. Emails sent using such mail services will be flagged with a red, broken lock icon in the top-right corner of the mail.
Gmail will flag emails received from contacts whose identity cannot be verified. The service will alert the receiver about the emails coming from unauthenticated sources by showing a question mark in place of the contact’s profile photo.
