What Is SSL Mail?

By Eric Summers

When your email program needs to send or receive mail, it connects to a mail server. This server requests your user name and password and your email client sends this information. If your email client is not configured to use an SSL connection, then your user name and password are sent in "clear text," meaning that they are not encrypted and could be easily read by someone attempting to intercept that information.


SSL mail connections encrypt all of the communications that occur between the email client and the mail server. This encryption prevents nearly all attempts at deciphering the data sent between your computer and the server.


Your email client will request a key from the mail server and then verify that the key the server returns is a valid one that comes from a trusted source. Once this key has been accepted and verified, he key is used to encrypt and decrypt communications between the two computers. Both the server and your computer have a private key that is also used, but not openly exchanged, thereby making decryption of the data by an outside party very difficult.


While the SSL protocol will protect your email a great deal, it is not foolproof. If someone has the resources and time, the data can still be captured and decrypted. If someone has managed to install a keylogger on your machine (a program that monitors your keyboard input) then your password can be stolen before your email program ever has a chance to encrypt it.