Over past few weeks, Flight School Friday has been focusing on best practices: how to comply with the anti-spam laws and learn more about scammers to avoid them. This brings us to the topic of today’s post: security. You want to make sure that your data is safe before, during and after sending your emails. In this post, we’ll be talking about the encryption process at Mailjet in order to make sure that all the emails we send are safe and that nobody is able to read them but the recipient. The security of emails sent is critical, especially when it comes to transactional emails, which can contain sensitive information like credit card numbers, personal IDs, passwords or similar.

Email Encryption- How We Keep Your Emails Safe

©DaveBleadsdale

TLS and SSL: shielding your emails when they take off

Transport Layer Security and Secure Socket Layer are protocols that keep the communication between servers safe. With the rise of e-commerce at the end of the 90’s, Netscape developed SSL, an authentication and encryption protocol that made online payments more clear and safe. A few years later, this protocol has been replaced by TLS: thanks to its symmetric-key algorithm which improve security, TLS became a reference, replacing SSL.

TLSacts like a tunnel between our SMTP server, which is used to send your emails, and the recipient server. The information is sent encrypted from one server to the other and the emails sent will only be deciphered once the recipient server authenticate the origin of the message, thanks to unique certificate keys. Without those keys, the message will be scrambled and nobody will be able to read your message.

HTTPS: keeping your messages safe

So now we’ve learned that TLS protects your emails as they pass through our servers. But what if a user composes an email using the Mailjet web interface rather than pushing them with an API? How can we be sure that the email won’t be vulnerable to hackers before being sent

This is what HTTPS is for. Short for HyperText Transfer Protocol Secure, it allows you to verify the identity of the website you’re about to visit. A HTTPS website will guarantee you confidentiality and trustworthiness, as well as the encryption of the data you are entering. When using Mailjet, this means that when you create a new email via our web interface, HTTPS keeps your message safe and sound.

Opportunistic TLS: the final security coat

Still worried about the safety of your email data? Don’t worry. Mailjet is coming with another encryption protocol: Opportunistic TLS. Just like TLS, this protocol creates a secured encrypted channel between our servers and the recipient’s server. Though, if the recipient server understands TLS, all the exchanges will be done with this protocol, without any third party add-on to certify your legitimacy.

By implementing these protocols into our system at Mailjet, we’re making sure that your data and emails are safe. Add to that the fact that our servers are all located in secured data-centers and that each person on  our team is honest and reliable . With Mailjet, your messages and information are not in the wild.

[ Posted Fri, 04 Jul 2014 15:11:00 ]