03-11-2016 08:39 PM
I've noticed that when I send my ACT eMarketing eblasts to a Gmail account, this Red Padlock shows up under the subject line. I've copied and pasted below, what Gmail explains this red padlock means. Are there any plan to support this in the future?
Gmail supports encryption in transit using Transport Layer Security (TLS), and will automatically encrypt your incoming and outgoing emails if it can. Some other email services don't support TLS, and therefore messages exchanged with these services will not be TLS encrypted.
In Gmail on your computer, you can check that a message you’ve received was sent over TLS by clicking the small down arrow at the top-left of the email and reading the message details.
If you see a red open padlock icon on a message you’ve received, or on one you're about to send, it means that the message may not be encrypted.
If you see the red padlock while composing a message
Don’t send confidential material, like tax forms or contracts, to that email address.
If you see the red padlock when viewing a received message
This message was sent unencrypted. In most cases, there’s nothing you can do. If it contained particularly sensitive content, you should let the sender know and they can contact their email service provider.
Why some emails might not be encrypted
If the person you’re emailing with is using an email service that doesn’t encrypt all messages using a system called Transport Layer Security (TLS), their emails might not be secure, even though Gmail will encrypt whenever possible. For delivery TLS to work, the email delivery services of both the sender and the receiver always have to use TLS. Learn more about email delivery with TLS encryption.
I see a red open padlock when replying to a message without a red padlock
It’s possible for email providers to send messages to Gmail users using TLS but not yet support receiving encrypted messages.
Some special cases
When you compose a message, Gmail tries to determine whether the receiving email services support encryption, and warns you if they haven’t in the past. This may not be accurate if the message isn’t being sent directly by Gmail, for example, if you've set up a custom From address through another domain’s mail service.
03-16-2016 09:42 AM
This is a good question, and I've logged a request for our team to explore it further.
In the past there's maybe been an assumption that customers send more general marketing emails, rather than secure or sensitive content. This is of course not always the case, and with continual increases in email security, encryption is becoming an expectation if not a requirements (yet). We also however need to ensure that any additional security does not impact deliverability of emails, and that content is received correctly on popular desktop, on-line and mobile mail applications. We'll take a closer look at this.