SSL vs TLS for SMTP Explainer
Email-client configuration UIs still say 'SSL' when they mean 'TLS'. Knowing the difference matters for compliance audits.
| Version | Year | Status |
|---|---|---|
| SSL 2.0 | 1995 | BROKEN — never use. Removed from all modern stacks. |
| SSL 3.0 | 1996 | BROKEN (POODLE attack) — never use. Disabled in all modern MTAs. |
| TLS 1.0 | 1999 | DEPRECATED — disabled by Gmail and Microsoft 365 for inbound TLS. |
| TLS 1.1 | 2006 | DEPRECATED — same status as TLS 1.0. |
| TLS 1.2 | 2008 | MINIMUM ACCEPTABLE — required by most modern MBPs as of 2024+. |
| TLS 1.3 | 2018 | CURRENT — preferred by all modern MTAs. Reduces handshake round-trips. |
Mail client UIs still label TLS as "SSL". The label is wrong; the cipher is TLS. When in doubt: configure for "SSL/TLS" on port 465, "STARTTLS" on port 587, and require TLS 1.2 minimum.
Explains SSL 2.0/3.0 (broken, do not use), TLS 1.0/1.1 (deprecated), TLS 1.2 (minimum acceptable), TLS 1.3 (current). When each is used in SMTP.
Configuring an MTA or mail client. Compliance audit response.
FAQ
Keep going
Articles, glossary entries, and other tools on the same topic.
You know the rule. See where you sit against it.
Reference pages tell you the benchmark. Outsolvi tells you whether your team is above or below it — per-rep, per-deal, per-week — and which behavior changes move the number. From $7/user/mo yearly.
See your numberNate built Outsolvi after watching every email-tracking tool he had ever used lie to him about opens. Outsolvi runs Tier 1 to 5 confidence scoring on every open, native in Outlook and Gmail, so the number on the dashboard is one a rep can actually act on.
We update these pages when the underlying mechanics change — new mailbox-provider rules, new tracker behavior, new measurement gaps. The dates above are real revisions, not auto-touches.