The encryption protocols TLS 1.0 to 1.3 are available for secure communication with our email servers. The TLS 1.0 and TLS 1.1 versions will be deactivated for security reasons on 2023-09-30 and can no longer be used.
When using old end devices with
it is no longer possible to receive and send emails via our servers. Please take remedial action by renewing software and/or devices.
The Federal Office for Information Security (BSI) also requires TLS version 1.2 as a minimum.
https://www.bsi.bund.de/DE/Themen/Oeffentliche-Verwaltung/Mindeststandards/TLS-Protokoll/TLS-Protokoll_node.html
The Internet standard RFC 8996 designates TLS versions 1.0/1.1 as obsolete:
https://datatracker.ietf.org/doc/html/rfc8996
Accordingly, we are following the guidelines and recommendations of the RFC and the BSI with the shutdown.
The TLS 1.0 and TLS 1.1 encryption protocols are outdated and no longer meet our current security standards. To protect your email communication, we will no longer allow access to our mail.ch servers with the outdated protocols from 2023-09-30. This affects the IMAP, POP3 and SMTP protocols.
From 2023-09-30, only the current versions TLS 1.2 and 1.3 will be supported.
If you are using particularly old devices or software that do not yet support TLS 1.2 or 1.3, the transmission of emails between your affected device or program and our IMAP/POP3/SMTP servers will no longer work after the shutdown on 2023-09-30, i.e. you will receive error messages when establishing a connection.
Affected devices include:
Possible error messages that may occur are:
Before the shutdown on 2023-09-30: Log into our webmailer at https://my.mail.ch, go to "Settings -> Account -> Login History", and check all entries for an outdated TLS version 1.0/1.1 for the IMAP, POP3 and SMTP protocols. These connections will fail in the future.
Please check older devices (e.g. scanners, routers, webcams, smartphones, PCs etc.) that access our mail servers via IMAP/POP3/SMTP. Check with the manufacturer for updates to install the latest software/firmware. Software/firmware that is less than 5 years old should support TLS 1.2 or 1.3. If there are still problems even with the latest updates, contact the manufacturer of the machine or software.
If the software can no longer be updated because there is no support from the manufacturer, which is often the case with old smartphones, TVs and IoT devices, for example, these devices should either no longer be used for email communication or should be replaced with new devices/software.
Note: The use of your email box with a current Internet browser via our website https://mail.ch or our mobile Android and iOS apps continues to be possible without restrictions.
TLS stands for Transport Layer Security and is an encryption protocol better known as SSL. TLS encrypts communication on the Internet, ensuring your privacy and security. When it comes to emails, TLS ensures that emails are transmitted securely between sender and recipient and prevents others from reading the emails you send.
You could compare sending an email with TLS encryption to sending a letter in a sealed envelope. Sending without TLS is like sending a letter without an envelope that anyone can read.
It is necessary to discontinue support for TLS 1.0 and 1.1 to ensure that we can continuously provide you with the highest level of security for your email communications.
TLS 1.0 and 1.1 have been around for a long time - since 1999 and 2006 respectively - and are now obsolete. TLS 1.2 has been around since 2008. The latest TLS version is TLS 1.3 and was released in 2018. With the latest version, security vulnerabilities of the previous versions have been eliminated, which means that the security of the latest version is significantly higher compared to the older versions. The use of TLS 1.2 and TLS 1.3 therefore makes sending and receiving emails more secure against hackers.
As of March 2020, older TLS versions of browsers such as Google Chrome and Firefox are no longer supported for website encryption over HTTPS. Microsoft announced in 2018 that they would stop supporting TLS 1.0 and 1.1.
We as mail.ch have also disabled TLS 1.0/1.1 on our mail.ch web servers.
The Federal Office for Information Security (BSI) also requires TLS version 1.2 as a minimum.
https://www.bsi.bund.de/DE/Themen/Oeffentliche-Verwaltung/Mindeststandards/TLS-Protokoll/TLS-Protokoll_node.html
The Internet standard RFC 8996 designates TLS versions 1.0/1.1 as obsolete:
https://datatracker.ietf.org/doc/html/rfc8996
Accordingly, we are following the guidelines and recommendations of the RFC and the BSI with the shutdown.
Only older devices and computers that do not support TLS 1.2 or higher will be affected. If your email client is up to date and you are using an up-to-date operating system on your device, this change will not affect you.
However, if you are using one of the operating systems listed below, your email program is most likely affected and you may experience problems receiving and sending emails.
Desktop and laptop operating systems that could be affected:
Tablet and smartphone operating systems that could be affected:
All rights reserved. ©2015-2024 by mail.de GmbH