What is TLS encryption and why is it important?

Which encryption standards does Mailingwork use?

Mailingwork supports TLS versions 1.0, 1.1, and 1.2 for email delivery. The highest encryption level supported by the receiving email server is automatically used.

What happens if the recipient server does not support encryption?

By default, Mailingwork sends the email unencrypted in this case. However, it is possible to set up forced TLS encryption for your account. In this case, emails will only be delivered to servers that support TLS. For servers without TLS support, delivery will be aborted and a bounce (undeliverability notification) will be generated.

How can I activate forced TLS encryption for my account?

The setting for forced TLS encryption can be activated for your account by Mailingwork staff. Please contact our Customer Service for this.

What is the SSL proxy and what benefits does it offer?

Since September 2020, Mailingwork has been operating an SSL proxy for website communication that works exclusively with the secure protocols TLS 1.2 and TLS 1.3. This affects the encryption of web access, such as to your landing pages or when clicking on links in a mailing.

How can I use the SSL proxy for my domains?

To use the SSL proxy, you need to set a CNAME entry for your sending or redirect domain to "ingress.sendnode.com". Alternatively, you can also set up an A record with the IP address 185.98.186.254.

What types of SSL certificates are supported?

You can either provide your own SSL certificates or use free Let's Encrypt certificates that we set up for you. Let's Encrypt certificates are automatically renewed every 90 days.

How secure is the encryption via the SSL proxy?

When using a certificate ordered through Mailingwork, a key length of 4096 bits is used. Through the implemented cipher suites and an HSTS header with a validity of 2 years, Mailingwork offers you security appropriate to the current state of the art.