Changes to TLS encryption security

At Runbox we are pleased to be able to provide you with secure email services. In order to maintain the security of email communications it is necessary to continually review how email systems connect and communicate with each other, and this includes how you connect to our service to send and receive email.

Encryption is important

When you connect to our service using an email program (such as Outlook, Thunderbird, Apple Mail etc.) the connection between the email program and our mail servers is encrypted so that nobody can intercept your username, password or email message content.

It’s important to use updated software that supports modern encryption methods to prevent that encryption from being broken and compromised as hackers increasingly use more and more powerful computers and techniques to decrypt data.

As such we will end support for outdated encryption methods to ensure that we provide the latest and most secure encryption between your email program and our service. This also helps us prevent unauthorised access to our servers and helps keep the Runbox service safe for all customers.

On 1 July 2019 we will retire some very old encryption protocols
and this might affect some older email programs.

The technical details

We will be retiring support for TLS 1.0 and 1.1 and will only support TLS 1.2 or later. TLS 1.2 has been around for 10 years so there has been a long time for email programs to adopt the use of this type of encryption. TLS is Transport Layer Security and is the encryption that protects your data. However, you don’t need to understand much about this to make any necessary changes.

Your email program

Most email programs that were released in the last 5 years will be compatible with the latest encryption. It is important to use the latest versions of email programs as the developers of those programs will have corrected bugs that could be a security issue. Where possible it is also advisable that you use the latest version of your computer’s operating system.

We have tested the email programs below and they all work with the most modern encryption that we use with our servers.

  • Outlook 2010 and later (Windows and macOS) – may require a registry change for Windows 7 customers.
  • Thunderbird (Windows and macOS)
  • Apple Mail (macOS) – High Sierra or later.
  • Windows Mail (Windows)
  • eM Client (Windows and macOS)
  • Gmail app (Android)
  • Mail app (iOS) – requires iOS 10 or later.
  • Maildroid (Android)

Many other email programs will also work with our service and those listed above are just commonly used ones that we have tested.

Further details and help

If you need any help on this issue, or would like us to offer advice on the email program you are using please get in touch with us.

7 thoughts on “Changes to TLS encryption security”

  1. I can confirm that Runbox’s IMAP/POP/SMTP servers work flawlessly. I’ve tested it multiple times and copied over 100k emails message via IMAP TO and FROM their mail server and there were no connection or compatibility/protocol issues, both on Apple Mail (10.14 Mojave) and Thunderbird (latest on Mac). I haven’t tested on Outlook though.

    The way IMAP, POP, and SMTP work at Runbox was a significant (if not the main) factor why I decided to sign up with them. Additionally, I like that they strip original IP address when I send an email via their SMTP, this is also very important from a privacy point.

  2. I can no longer send emails using 2013, unknown encryption method

    Thanks for the notice

      1. Hi

        Support sent me the registry fix for windows 7 and that corrected the issue.

        Trevor

  3. Has this issue affected Apple Mail on Yosemite 10.10.5?
    I am struggling badly to connect.

    1. Hello. You will need OSX 10.12 or better still 10.13 so that Apple Mail can connect using TLS 1.2. An alternative is to use an email program that can independently use TLS 1.2 such as Thunderbird.

      If you need more help with this, please contact Runbox Support.

Leave a Reply

Your email address will not be published. Required fields are marked *