How to Disable Outdated Email Encryption on Windows

If you’re using an old version of Windows or Outlook, you might encounter errors similar to the following when trying to send or receive email:

Your server does not support the connection encryption type you have specified. Try changing the encryption method.

Your server has unexpectedly terminated the connection. Possible causes for this include server problems, network problems, or a long period of inactivity.

Recommended Permanent Solution

Always use the latest versions of your operating systems and email apps, so as to receive ongoing security updates.

The latest versions of OS X and Windows are typically offered free of charge to purchasers of certain previous versions. Check with Apple and Microsoft to see if you qualify.

Possible Immediate Solutions

  • Check your email app’s settings to ensure that they match the ones listed at your hosting account’s Info page.

  • Check your email app’s settings to ensure that it’s connecting using TLS/SSL (if they’re listed as a single option), or TLS rather than SSL (if they’re listed as separate options), and that SPA (typically found in Outlook) is disabled.

  • Disable the email scanning feature of any internet security software you may have installed, as it can sometimes interfere with your email connections.

  • Disable the outdated RC4 encryption using the instructions listed on this page on Microsoft’s website.

  • If you’re running Windows 7, ensure that it supports TLS 1.2 using the instructions listed on this page on Microsoft’s website.

  • If you’ve followed the instructions in the above articles, and are still unable to send or receive email in your email app, try running a different email app, such as the latest version of the free Mozilla Thunderbird, which is typically able to keep up-to-date with modern security.

    Be sure to choose IMAP (instead of POP3) when setting up Thunderbird. This ensures that your messages remain safely on the server (unless you delete them or move them to a different location).

  • You can also send and receive email via your web browser using Webmail, per the instructions listed on your hosting account’s Info page, or via any other desktop or mobile device running a modern operating system and email app.

What causes this problem?

If your copy of Windows or Outlook is too old, Microsoft no longer supports it.

In other words, Microsoft won’t issue security fixes for, nor remove outdated encryption methods from, your copy of Windows.

Because of this, Windows or Outlook on your system may be attempting to use an outdated encryption method called RC4, or a security protocol older than TLS 1.2.

With today’s computing power, malicious parties who intercept email transmissions that use RC4 encryption can easily and automatically decipher the messages within several hours!

You can read more about how to disable RC4 from Microsoft’s security advisory on their TechNet blog.

Similarly, if you’re running Windows 7, you can read more about how to enable support for TLS 1.2 using this Microsoft guide.

To resolve this issue properly, we highly recommend upgrading to a more secure version of Windows and/or Outlook as soon as possible (preferably the latest version to avoid having it become outdated again too quickly).

It’s best to have the upgrade(s) performed at your earliest convenience, as additional security measures implemented throughout the internet in the near future are expected to cause old copies of Windows and Outlook to no longer be able to access secure email and websites that reject outdated encryption methods.

In the meantime, you should still be able to access your email securely using Thunderbird or Webmail as described above, whilst arranging for the Windows and/or Outlook upgrade to be completed.