About STARTTLS

STARTTLS is the industry standard handshake command and protocol for establishing a secure connection between the MDaemon email server and other email servers or clients or both.

The STARTTLS can be initialized by a:

• server contacting a server
• client contacting a server
• server contacting a client

The STARTTLS command asks the receiving device to start an SSL session. The sender and receiver then negotiate to see if they “trust” each other. The trust is based on the existence and content of authentication certificates. Based on the negotiated results, the two devices can:

• establish a secure SSL connection using public key/private key technology
• establish an insecure connection without SSL
• refuse to establish a connection

If the devices establish a secure connection, the sender and receiver use encoding and decoding to transfer the message privately. Encryption assures privacy because only the sender and receiver understand the encoding and decoding. Even if third parties intercept a transmission, the encoding makes both the message and any attachments virtually unreadable.

Also, if an intercepter alters the transmission the receiver will know this because the message will not decode correctly.

MDaemon has configuration options for:

Enabling STARTTLS along with SSL

With SSL and STARTTLS enabled, clients and other servers have the option of communicating with the MDaemon server using authentication certificates and message encryption.

Preferring, but not requiring, STARTTLS negotiation for all connections

With STARTTLS set as a preference, MDaemon will connect using SSL when possible, but will not refuse non-SSL connections.

Contents