How to Use SSL with an Email Account in Mac OS X Mail

Email is notoriously insecure. Unless you use encryption, email messages travel around the world in plain text such that anyone who intercepts it can read it.

There is a way to at least partially secure the connection from you to your mail server, however. It is the same technology that also secures e-commerce sites: SSL, or Secure Sockets Layer. If your mail provider supports it, you can configure Mac OS X Mail to connect to the server using SSL so that all communication is transparently encrypted and secured.

Use SSL with an Email Account in Mac OS X Mail

To enable SSL encryption for an email account in Mac OS X Mail:

  1. Select Mail | Preferences from the menu in Mac OS X Mail.
  2. Go to the Accounts category.
  3. Highlight the desired email account.
  4. Go to the Advanced tab.
  5. Make sure the Use SSL checkbox is selected. Clicking it will automatically change the port used to connect to the mail server. Unless your ISP gave you specific instructions concerning the port you should use, this default setting is fine.
  6. Close the Accounts window.
  7. Click Save.

SSL can slightly reduce performance because all communication with the server will be encrypted; you may or may not notice this change in speed depending on how modern your Mac is and what kind of bandwidth you have to your email provider.

SSL versus Encrypted Email

SSL encrypts the connection between your Mac and your email provider's server. This approach offers some degree of protection against people on your local network, or your Internet service provider, from snooping on your email transmission.

However, SSL doesn't encrypt the email message; it only encrypts the communications channel between Mac OS X Mail and your email provider's server. As such, the message is still unencrypted when it moves from your provider's server to its final destination.

To fully protect the contents of your email from origin to destination, you'll have to encrypt the message itself using an open-source technology like GPG or through a third-party encryption certificate.

Alternatively, make use of a free or paid secure email service, which not only encrypts your messages but also protects your privacy.