SMTP - TLSTransport Layer Security (similar to SSL) brings "Perfect Forward Secrecy" to Internet Email by encrypting SMTP traffic.
Even though most remailer messages are already encrypted, TLS provides added security because the key used in TLS sessions usually is ephemeral - i.e. it only exists for seconds and is destroyed immediately after use.
Since remailer keys are valid for months, sometimes years, and some (like Dizum's) have no expiry date at all ephemeral keys make remailing more secure.
Whether or not ephemeral keys are used within a TLS session depends on the cipher suite chosen. The Ephemeral Diffie-Hellman (EDH) ciphers use ephemeral keys. See Diffie-Hellman in SSL/TLS.
In the table below the submission column indicates that a mailserver accepts mails on port 587 (submission). The smtps column indicates that it accepts SSL connections on port 465 (smtps) for use with stunnel and similar. Some hosts also accept normal connections on port 2525 - this is indicated in the column 2525. Please note that some hosts may enforce the use of TLS on the submission port.
Stunnel can do STARTTLS using
This page was last updated on 9 Sep 2021.