Tech Giants Seek Enhanced Email Protection with SMTP Strict Transport Security

In a day and age where hackers are attacking large-scale data storage at the retail, government and private sector levels on a regular basis, the renowned “Tech Giants” (Google, Microsoft, Amazon and others) are getting together to improve the security of email.


These companies are working with one another to create a new security protocol named SMTP (Strict Transport Security). This new protocol allows email providers to set new rules for creating encrypted emails.

Why is New E‑Mail Security Necessary?

To understand the “why” behind this effort, you need to understand that emails are hacked by “man-in-the-middle” actions. Once an email is sent, hackers acquire it before the email reaches its intended recipient. This access gives hackers the ability to change the content of the emails, add malicious content (malware, viruses, etc.) that appear to come directly from the sender.

Originally, email was sent on the protocol SMTP (Simple Mail Transfer Protocol) which had no encryption to it. Then, in 2002 the email protocol SMTP added an extension called STARTTLS to offer what is called a transport layer security extension to the SMTP protocol, offering a single layer of basic encryption to emails using it.

What is the Advantage of the New E‑Mail Security Protocol?

As the hacking threat grows, these tech giants are working together to create the Strict Transport Security extension to SMTP. The idea is that by generating a security certificate from the sender’s server and authenticating it on the recipient’s end, if the “man-in-the-middle” (aka, the hacker) attempts to capture the sent email and open it, the delivery of the secure email will be stopped from reaching the recipient, and send a message telling them why.

By adding this layer of enhanced security to email encryption, the developers of the Strict Transport Security extension believe that by stopping the delivery of an email once it has been hacked, a more secure environment from end-to-end will be created.

At the Unleaded Group, we are as concerned about your website and email security as you are. And, we are always looking for ways to secure your digital presence on all fronts. Call us at 720-221-7126 to learn more.