Why it’s importantWe always recommend that admins enable existing mail security features, including SPF, DKIM, and DMARC, to help protect end users.
Note that existing mail routes will not be impacted by these changes. While admins have always had the ability to require TLS encryption for mail routes, it was previously off by default. They no longer need to wait for messages to bounce. However, in order to encourage more organizations to increase their email security posture, and to further the above goal of enabling TLS by default, we’ve made the following changes: Gmail already supports TLS, so that if the Simple Mail Transfer Protocol (SMTP) mail connection can be secured through TLS, it will be. The blog post also highlighted a significant goal: to enable TLS by default for our Google products and services, and to ensure that TLS works out of the box. What’s changingRecently, the Google Security blog outlined how the usage of Transport Layer Security (TLS) has grown to more than 96% of all traffic seen by a Chrome browser on Chrome OS.