Most Australian email servers offer encryption

By

Facebook survey of mail exchangers shows STARTTLS widely deployed.

A large survey of mail exchangers by Facebook shows that Australia scores highly when it comes to offering secure, encrypted transmission of messages.

Most Australian email servers offer encryption

The survey, conducted by Facebook's mail integrity engineer Michael Adkins, analysed the deployment of the SMTP STARTTLS transport layer security command that kicks off encrypted message transmission.

The survey found almost 10 percent of Aussie email servers required STARTTLS and just under 70 percent offer it optionally.

This places Australia on par with North American and European email senders, and far ahead of other countries in the Asia Pacific, although New Zealand was not included in Facebook's survey.

Use of STARTTLS in APAC. Source: Facebook

Emails are often used to transmit sensitive information, ranging from personal messages to password resets and two-factor authentication challenges, to verify users. 

If emails are not encrypted with the Transport Layer Security (TLS) / Secure Sockets Layer security protocol stack, email messages are sent in clear text across the internet, and anyone who can access the data stream can read them.

Adkins said Facebook encrypts emails by default via the STARTTLS command whenever it is available. While the technology has been around for more than fifteen years, Adkins said it was reputedly not widely deployed. 

Through his research, his team found that more than three-quarters of unique mail exchanger hosts that receive Facebook emails support STARTTLS and of these, 58 per cent are successfully encrypted.

This contradicts the perception that STARTTLS isn't widely deployed and indicates it has reached critical mass, Adkins noted.

Adkins admitted more work is required on the STARTTLS front since there are still problems with misconfigured or invalid digital certificates used to authenticate communications.

Facebook said it sends several billions of emails to millions of domains every day, mostly notification messages about activities on the social network.

Its analysis of email transmission log data may underrepresent government and corporate use of STARTTLS for that reason, Adkins said.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
australiaemailencryptionexchangefacebookinfosecmailmxsecuritysmtptelco/isp

Sponsored Whitepapers

See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Diamond IT Delivers GRC Transformation with Microsoft Purview
Diamond IT Delivers GRC Transformation with Microsoft Purview
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy

Events

Most Read Articles

Telstra launches satellite messaging service

Telstra launches satellite messaging service
Telstra server migration cut access to emergency number

Telstra server migration cut access to emergency number
Telstra to move away from 'best effort' connectivity, let users tweak attributes

Telstra to move away from 'best effort' connectivity, let users tweak attributes
Telstra addresses external antenna claims by Vodafone

Telstra addresses external antenna claims by Vodafone
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?