Overview
The use of the Transport Layer Security (TLS) protocol over SMTP offers certificate-based authentication and helps provide security-enhanced data transfers by using symmetric encryption keys. In symmetric-key encryption (also known as shared secret), the same key is used to encrypt and to decrypt the message. TLS applies a Hash-based Message Authentication Code (HMAC). HMAC uses a hash algorithm in combination with a shared secret key to help make sure that the data has not been modified during transmission. The shared secret key is appended to the data to be hashed. This helps enhance the security of the hash because both parties must have the same shared secret key to verify that the data is authentic.

Implementation
By default, Chillox uses opportunistic TLS on all outbound emails. Our servers will always try to connect to the recipients server using the TLS protocol. If the recipients server support TLS, then traffic is encrypted. If not, then the email is sent using regular SMTP without encryption.

Chillox also provide inbound TLS support IF the client’s software supports TLS and the client has it enabled.