Mail-TLS-Helper

29 Sep 2018

Already in 2017, we had announced to work onto enabling mandatory transport encryption of e-mails. People have been saying for a long time this is impossible, because e-mail infrastructure is too old and badly maintained. Our tests in the last 1,5 years showed us a different picture.

We started with 2-3% of e-mails without transport encryption. Since then we have been able to bush this below 1% with mail-tls-helper.

This very small number of e-mail operators which do not enable TLS jeopardizes the security of all users. Although we informed these operators regularly about the bad state of their systems, only few showed will to improve. Therefore, we stopped the dispatch of our e-mail reminder. Additionally, we have recognized that many operators do not receive postmaster@<domain>, despite being an internet standard.

Then again, some people found mail-tls-helper pretty useful and enhanced it into a monitoring plugin.