Security researchers have identified around 40 different vulnerabilities in a TLS encryption mechanism that impacts several email clients and servers. The exploitation of these vulnerabilities could lead to targeted Man-in-the-Middle (MitM) attacks where mailbox content can be forged and credentials could be stolen.

What has been revealed

  • The flaws have been spotted in multiple STARTTLS implementations and detailed by a group of researchers at the 30th USENIX Security Symposium. 
  • During the study, researchers performed a global scan on the Internet, during which around 320,000 email servers were found to be exposed or vulnerable to command injection attacks.
  • Some of the well-known clients impacted by the flaws are identified as Evolution, Apple Mail, Gmail, KMail, Mutt, Claws Mail, Samsung Email, Exim,, Yandex, and Mozilla Thunderbird.

STARTTLS limitations leading to attacks

STARTTLS is a form of opportunistic TLS that allows email communication protocols (e.g. SMTP, POP3, IMAP) to be transferred or upgraded from a simple connection to an encrypted connection.
  • According to researchers, upgrading email communication protocols connections via STARTTLS is insecure and exposes the system to a number of security vulnerabilities along with attacks.
  • To carry out these attacks, the attacker is required to tamper with connections made between an email client and email server of a provider along with login credentials for their own account at the same server.

Multiple attacks scenarios

In an attack scenario, these implementation flaws could enable mailbox forgery by inserting extra content to the server message in reply to the STARTTLS command before the TLS handshake.
  • Due to this, the targeted client can be misled into allowing server commands as if they are part of the encrypted connection.
  • In another situation, an attacker can bypass STARTTLS in IMAP by sending a PREAUTH greeting to stop the connection from upgrading and then force the client into an unencrypted connection.

But, not to worry as patches for these vulnerabilities have been released.


Looking at the seriousness of these flaws, researchers suggested several security tips, such as configuring email clients using POP3, IMAP, and SMTP with implicit TLS on the dedicated ports (port 465, 995, and 993), and offering implicit TLS by default.

Cyware Publisher