9.3. Using SSL for Incoming and Outgoing Mail

A secure login is essential, but by itself, it's not enough. Even without having your password (and thus being able to snoop on all your mail at any time), an interloper could read the text of any email message that passes between your computer and your mail server in either direction. However, if that part of the message's path is encrypted, it blocks one of the most obvious avenues of attack.

The usual means of encrypting email between client and server is SSL — the same technology that banks and other institutions use to secure web pages. SSL is a form of public-key cryptography, which means that each side has a pair of keys: the other party's public key (used to encrypt outgoing data) and his or her own private key (used to decrypt incoming data). To oversimplify somewhat, this scheme means that unless someone knows (or can guess) your password, which protects your private key, the odds against that person being able to decrypt your messages are astronomically high.

NOTE

For more on public-key cryptography, see Chapters 5 and 13.

NOTE

Although SSL was succeeded by a more modern version of the protocol called TLS (Transport Layer Security), and although your email client may support either version, most email software still uses the SSL terminology.
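The following Python sketch is an added example, not code from the book. It shows what the SSL setting in a mail client amounts to: the server's certificate is verified and anything older than TLS 1.2 is refused, for both incoming and outgoing mail. Ports 993 (IMAP over TLS) and 587 (SMTP submission upgraded with STARTTLS) are common provider defaults assumed here, and the host names are supplied on the command line.

```python
import imaplib
import smtplib
import ssl
import sys


def mail_tls_context() -> ssl.SSLContext:
    """Build a context that verifies the server and rejects legacy SSL/TLS."""
    # create_default_context() turns on certificate and host-name checking.
    ctx = ssl.create_default_context()
    # Refuse SSLv3, TLS 1.0 and TLS 1.1 even if the server still offers them.
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def check_incoming(host: str, port: int = 993) -> str:
    """Incoming mail: the connection is encrypted from the first byte."""
    with imaplib.IMAP4_SSL(host, port, ssl_context=mail_tls_context()) as conn:
        return conn.sock.version()  # negotiated version, e.g. "TLSv1.3"


def check_outgoing(host: str, port: int = 587) -> str:
    """Outgoing mail: connect in the clear, then upgrade with STARTTLS."""
    with smtplib.SMTP(host, port, timeout=10) as conn:
        # Raises an exception if the server cannot upgrade or the
        # certificate does not validate, so no mail is sent unencrypted.
        conn.starttls(context=mail_tls_context())
        conn.ehlo()
        return conn.sock.version()


if __name__ == "__main__":
    ctx = mail_tls_context()
    print("minimum version:", ctx.minimum_version.name)
    print("certificate check:", ctx.verify_mode.name)
    # Usage (host names are your provider's): script.py IMAP_HOST SMTP_HOST
    if len(sys.argv) == 3:
        print("incoming:", check_incoming(sys.argv[1]))
        print("outgoing:", check_outgoing(sys.argv[2]))
```

A certificate or protocol failure surfaces as an `ssl.SSLError` rather than a silent fallback to an unencrypted session.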

9.3.1. How SSL works for email

In order to use SSL, your ISP or email provider must support it. Most do nowadays, and some in fact no longer support unencrypted sessions. But the ...
