Is it worth using SSL in Apple Mail?

You misunderstand the situation. My ISP has hitherto been providing POP e-mail only via port 110, but this week has announced some enhancements, one of which includes the option now for using SSL-encrypted e-mail, on a different port.

Oh, okay, it sounds like I misunderstood what I'd previously heard about SSL. I'd been told that, if you use SSL, encrypted mail is carried through all servers between a pair of users and is only not encrypted in the last leg, between each user and his/her nearest server. This is the converse of what you understand is the position.

On the other hand, I've for a long time had a suspicion that, for SSL to be used with any great effect, the recipient had to be using the same encryption method as the sender, and you now seem to have confirmed that. Even if the e-mail stays in plaintext in a situation like that, would the password nonetheless be encrypted? If not, then it'd seem worthless using SSL at all unless you can guarantee that every individual and organisation with whom you communicate by e-mail also uses SSL.

BobHarris wrote:

SSL is point to point encryption, whether used for email server to client encryption..

So, the encryption is only between the user and his/her e-mail server. Right? (Not sure what you meant by "point to point", in this context).

OK. It sounds as though SSL might just about be worth using. Thanks, folks, for clarifying the matter.

Ah, I meant to ask also whether SSL encryption is a separate exercise to authentication. In other words, when you configure Mail for SSL do you also have to set a specific authentication method to go with that? I seem to recall that, in my present non-SSL-configured account, the authentication is None in one direction, and Password in the other.

I agree with you. However, my current service provider is not the one I was with originally but instead was the provider that I defaulted to when my previous one sold their business a few years ago. I've been thinking of changing to an allegedly better provider for some considerable time and also upgrading the basic Internet service I get at the same time. However, a house move has been on the cards for some time, so it's not been sensible to make the change just yet. The current ISP just so happens to have been upgrading a few features of late, one of which has been to offer SSL e-mail. As you say, very late to the party, when you think about it. I was complaining to them very early on about the massive security holes in their e-mail service, such as transporting the password in plaintext and in one or two other ways it not being compatible with what Apple Mail normally expects. But my criticisms fell on deaf ears. Frankly, I don't think they're alone in lagging behind on these sorts of matters. But at least they've now made one small move toward improving it where e-mail's concerned.