At that time, the Internet was only used by a small number of institutions. Therefore, security was not the most important thing. The protocol was not designed to protect the content of an email or to verify the identity of the sender.
As email usage grew and the Internet expanded, poor SMTP security became a major problem. In the 1990s, spam emails and email fraud were rampant. There was a clear need for improved security protocols to protect email communications.
SSL and TLS
In the mid-1990s, two new protocols were developed to improve the security of Internet communications:
Secure Sockets Layer (SSL): This protocol allows data albania whatsapp number data 5 million to be encrypted, making it difficult for unauthorized persons to read the content of emails.
Transport Layer Security (TLS): This protocol later supplanted SSL by offering greater security and has become the standard for encrypting emails in transit.
When you see “https://” in your browser, it means SSL/TLS is being used to secure the connection.
SPF, DKIM and DMARC
While protecting email in transit is important, there was another key aspect of email security that remained to be seen.
When someone sends you an email from a certain address, how do you know it is who they say they are?
If you receive an email from your brother's email address, how can you say for sure that your brother sent that email? This is called email spoofing and can be a very serious social engineering attack. To this end, protocols were developed to verify the identity of email senders. Here are the top 3 that are in place today:
SPF : Sender Policy Framework checks whether an email is sent from an authorized server. When an email is received, the receiving server checks the SPF record of the sender's domain to ensure that the email is coming from an authorized source.
