The original email protocols, IMAP, POP3, and SMTP, were designed without built-in security. Transport Layer Security (TLS) can be used to encrypt these communications. Many email clients now offer an "auto-detect" feature to simplify setup for users. This paper presents a study on the security of TLS and auto-detect in email clients. Researchers tested 49 email clients and found flaws that could compromise user credentials. They also analyzed 1102 email setup guides from academic institutions worldwide. This analysis revealed issues that could lead users to adopt insecure email configurations. The study also evaluated server-side support for TLS and the characteristics of the servers' certificates. Findings indicate that many users experience security losses due to improper handling of TLS and auto-detect. The paper concludes that organizations should provide clear, manual configuration instructions instead of relying on auto-detect.
