STARTTLS Everywhere is a project to make email delivery more secure. It is created and maintained by the Electronic Frontier Foundation (EFF), a 501(c)3 nonprofit.

We want safer hops for email. Email goes through multiple computers (or multiple “hops”) to get to its destination, and each hop should be as secure as possible. More specific goals of the project include:

If you have questions about STARTTLS Everywhere, check out the FAQ. If you are an email service provider, you can also learn more about being added to the STARTTLS Everywhere policy list.

If you like the project, consider donating!


In 2015, researchers discovered that ~20% of the Alexa top million domains which have mailservers don’t use STARTTLS, and ~40% present invalid certificates [1]. In addition, STARTTLS commands from several countries were being regularly downgraded, as high as 96% of the time.

These results are the motivation for this project.

[1] Neither Snow Nor Rain Nor MITM … An Empirical Analysis of Email Delivery Security https://zakird.com/papers/mail.pdf