
StartTLS

What is StartTLS?

Start Transport Layer Security (StartTLS) is a protocol command used in email communication to upgrade an existing unencrypted connection to an encrypted one using TLS. It allows email clients and servers to establish an encrypted session on the same standard port that carries plaintext traffic, rather than on a separate TLS-only port.

How does StartTLS work?

[Figure: the StartTLS flow. An email client opens an unencrypted connection, sends the StartTLS command, completes the TLS negotiation handshake, and then continues in an encrypted email session.]

The StartTLS process begins when an email client connects to a mail server (SMTP, IMAP, or POP3) on a standard, unencrypted port, such as port 25 (SMTP), 110 (POP3), or 143 (IMAP). Once the initial connection is established and the server has advertised that it supports StartTLS, the client sends the StartTLS command, requesting an upgrade to a secure connection.

If the server supports StartTLS, it responds with a confirmation and the TLS handshake begins on the same connection. During this handshake, the client and server negotiate encryption parameters, agree on the session keys, and validate the server’s certificate (when certificate validation is enabled).

Once the handshake completes successfully, all subsequent communication in that session is encrypted, protecting both the email content and authentication credentials from interception on that connection.

Characteristics of StartTLS

  • Encrypts email in transit: After the TLS handshake, email content and authentication credentials are protected during transmission between client and server or between mail servers.
  • Protocol-based upgrade mechanism: Uses a command to convert an existing plaintext connection into a TLS-encrypted session on standard ports.
  • Widely supported and backward compatible: Supported by most modern mail servers and clients, while still allowing communication with systems that do not support encryption.

Potential limitations of StartTLS

  • Vulnerable to downgrade attacks: If a mail server doesn’t require TLS (or has no policy to enforce it), an attacker positioned between the client and server could strip the StartTLS command, forcing the connection to remain unencrypted.
  • No end-to-end encryption (E2EE): StartTLS only encrypts email during transit between servers or between a client and server. It doesn't protect messages stored on servers or provide E2EE between the sender and recipient.
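The exchange described under "How does StartTLS work?" and the downgrade limitation above, as an added example that is not code from this glossary or from any mail product. It walks an SMTP client through greeting, EHLO and STARTTLS against a scripted server whose replies are constructed for the demo, and shows the fail-closed policy (refuse to continue in plaintext when STARTTLS is not offered or is declined) that protects against a stripped advertisement. The hostnames `mail.example.net` and `client.example.org` are placeholders; where the code returns "encrypted", a real client would hand the socket to `ssl.SSLContext.wrap_socket()` and then issue EHLO again.

```python
"""Client-side STARTTLS negotiation for SMTP, run against a scripted server.

Added example, not code from the glossary or from any mail product. The server
replies are constructed for the demo; a real client would wrap the socket with
ssl.SSLContext.wrap_socket() at the point where this code returns "encrypted".
"""


class ScriptedServer:
    """Stands in for a mail server: answers each client command from a script."""

    def __init__(self, greeting, ehlo_reply_lines, starttls_reply):
        self.greeting = greeting
        self.ehlo_reply_lines = ehlo_reply_lines
        self.starttls_reply = starttls_reply
        self.received = []  # commands the client sent, in order

    def connect(self):
        """Opening the TCP connection yields the server's 220 greeting."""
        return self.greeting

    def send(self, command):
        self.received.append(command)
        verb = command.split()[0].upper()
        if verb == "EHLO":
            return "\r\n".join(self.ehlo_reply_lines)
        if verb == "STARTTLS":
            return self.starttls_reply
        if verb == "QUIT":
            return "221 closing connection"
        return "502 command not implemented"


def parse_ehlo(reply):
    """Return the capability keywords advertised in a multi-line 250 EHLO reply."""
    lines = reply.split("\r\n")
    if not lines[0].startswith("250"):
        raise ValueError("EHLO rejected: " + lines[0])
    caps = set()
    for line in lines[1:]:  # first line carries the server's domain, not a capability
        if not line.startswith("250"):
            raise ValueError("malformed EHLO reply line: " + line)
        words = line[4:].split()  # strip the "250-" or "250 " prefix
        if words:
            caps.add(words[0].upper())
    return caps


def negotiate(server, require_tls=True):
    """Walk greeting -> EHLO -> STARTTLS and return (outcome, transcript).

    outcome is "encrypted" when the server agreed to start TLS, "plaintext" when
    STARTTLS was not advertised and the policy allows falling back, and "aborted"
    when the policy forbids a plaintext session (fail-closed behaviour, which is
    what defeats a stripped STARTTLS advertisement).
    """
    transcript = []
    greeting = server.connect()
    transcript.append(("S", greeting))
    if not greeting.startswith("220"):
        return "aborted", transcript

    ehlo = "EHLO client.example.org"  # constructed client hostname
    transcript.append(("C", ehlo))
    reply = server.send(ehlo)
    transcript.append(("S", reply))

    if "STARTTLS" not in parse_ehlo(reply):
        if require_tls:
            transcript.append(("C", "QUIT"))
            transcript.append(("S", server.send("QUIT")))
            return "aborted", transcript
        return "plaintext", transcript

    transcript.append(("C", "STARTTLS"))
    reply = server.send("STARTTLS")
    transcript.append(("S", reply))
    if not reply.startswith("220"):
        # 454 or 5xx: the server declined; under a TLS policy never carry on in the clear
        transcript.append(("C", "QUIT"))
        transcript.append(("S", server.send("QUIT")))
        return "aborted", transcript

    # The TLS handshake now runs on the same socket; afterwards the client must
    # discard the pre-TLS capabilities and send EHLO again over the encrypted channel.
    return "encrypted", transcript


def honest_server():
    """Constructed reply script for a server that offers STARTTLS."""
    return ScriptedServer(
        "220 mail.example.net ESMTP",
        ["250-mail.example.net Hello", "250-SIZE 35882577", "250-STARTTLS", "250 8BITMIME"],
        "220 Ready to start TLS",
    )


def stripped_server():
    """The same server as seen when the STARTTLS line is missing from the EHLO reply."""
    return ScriptedServer(
        "220 mail.example.net ESMTP",
        ["250-mail.example.net Hello", "250-SIZE 35882577", "250 8BITMIME"],
        "454 TLS not available",
    )


if __name__ == "__main__":
    scenarios = (("STARTTLS offered", honest_server(), True),
                 ("STARTTLS missing, TLS required", stripped_server(), True),
                 ("STARTTLS missing, TLS optional", stripped_server(), False))
    for label, srv, policy in scenarios:
        outcome, transcript = negotiate(srv, require_tls=policy)
        print(f"--- {label}: {outcome}")
        for side, text in transcript:
            for line in text.split("\r\n"):
                print(f"{side}: {line}")
```

Running the script prints the three transcripts side by side: with `require_tls=True` the client quits as soon as the advertisement is absent or the STARTTLS command is refused, so the session never carries credentials or mail in the clear; with `require_tls=False` it falls back to plaintext, which is exactly the opportunistic behaviour the downgrade limitation describes.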

FAQ

Is StartTLS secure?

Start Transport Layer Security (StartTLS) is generally secure when properly implemented and configured. It uses the same TLS encryption standards that protect web browsing and other online activities.

Does Gmail use StartTLS?

Yes, Gmail supports Start Transport Layer Security (StartTLS) to encrypt messages in transit between mail servers for both incoming and outgoing email connections.

Is StartTLS the same as TLS?

No, Start Transport Layer Security (StartTLS) is not the same as TLS. StartTLS is a protocol command that requests an upgrade from an unencrypted connection to a TLS-encrypted connection. TLS is the encryption protocol that secures the connection after the upgrade.

Can emails still be intercepted with StartTLS?

While Start Transport Layer Security (StartTLS) reduces interception risk, downgrade attacks or servers that don’t require it can leave traffic unencrypted. It also only encrypts mail in transit. Messages may still be readable on mail servers unless they’re encrypted at rest or end-to-end.