We support TLS 1.2 and 1.3.
If your software does not support TLS 1.2 (see below) with PFS ("perfect forward secrecy") and ECDH key exchange, you must either upgrade, use our webmail, or (not recommended) disable encryption (SSL, TLS, STARTTLS) in your email software so that everything is sent as clear text. We recommend upgrading.
NOTE: TLS 1.2 was introduced in 2008. Software/equipment which does not support TLS 1.2 has, to a great extent, very severe security vulnerabilities and should not be used online.
Overview of software supporting TLS 1.2 and newer
- Apple Mail: 10 and newer (Sierra)
- Outlook for Mac: 2016 and newer
- Outlook for Windows: 2013 and newer
- Thunderbird: 31 and newer
- OpenSSL based software as of 1.0.1
- MacOS: Sierra (10.12) and newer
- Windows: 8 and newer
Overview of software that DOES NOT support TLS 1.2 and newer
- Apple Mail: 9.3 and older
- Microsoft Entourage
- Outlook for Mac: 2012 and older
- Outlook for Windows: 2010 and older
- Thunderbird 27 and older
- Windows Live Mail
- OpenSSL based software older than 1.0.1
- Android: 4 and older
- iOS: 4 and older
- MacOS: El Capitan (10.11) and older
- Windows: 7 and older (may be configured manually for Windows 7)
The following cipher combinations are supported:
- TLSv1.2: ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-CHACHA20-POLY1305 ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA
- TLSv1.3: TLS_AES_256_GCM_SHA384 TLS_CHACHA20_POLY1305_SHA256 TLS_AES_128_GCM_SHA256 TLS_AES_128_CCM_SHA256
DH 2048 key exchange is unsupported.
Multi-function printers (printer-scanners) that do not work
The following models do not support ECDH key exchange, and even when configured to fall back to unencrypted connection, they will not connect.
- HP Color LaserJet Pro MFP M283fdw (2014)
- HP OfficeJet Pro 8730 (2016)
- HP PageWide Pro 477dw MFP (2016)