In today’s digital world, communication is more important than ever, and email remains a central player. But while we might trust email for personal and professional exchanges, ignoring its security can have disastrous consequences. One major pitfall? Sending email without Transport Layer Security (TLS) or Secure Sockets Layer (SSL) encryption, essentially sending messages through unencrypted channels. This might seem harmless, but it’s like sending postcards with sensitive information written on them – anyone can peek and exploit it.

Telivy identifies if you are sending unencrypted emails by looking for ports that are used for sending such unencrypted emails. In an external scan these finds are part of the “Email without SSL/TLS Found” findings in the Network Security section.

1

Enter External Scan Section

2

Enter Network Security Section

In the Telivy Risk Assessment, it is part of the Network Security section.

3

Review Ports

Once you click on this finding, you should see a list of ports:

Ports Overview

Let’s delve into the different ports that might be usually found in this finding and the associated vulnerabilities and context needed to understand these findings: