Twitter emails were previously using a plain text communication protocol, that now has been upgraded to an encrypted (TLS or SSL) connection using STARTTLS.
In a blog post, Twitter announced:
"Since mid-January, we have been protecting your emails from Twitter using TLS in the form of StartTLS. StartTLS encrypts emails as they transit between sender and receiver and is designed to prevent snooping. It also ensures that emails you receive from Twitter haven't been read by other parties on the way to your inbox if your email provider supports TLS."
"These email security protocols are part of our commitment to continuous improvement in privacy protections and complement improvements like our securing of web traffic with forward secrecy and always-on HTTPS." said Josh Aberant, Postmaster at Twitter.
SSL/TLS and STARTTLS, both variants are equally secure, but the only difference is that: SSL/TLS is plain communication over an encrypted channel and STARTTLS is encrypted communication over a plain channel, which provides end-to-end encryption of emails and prevent from Man-in-the-middle attack, which is highly effective and quite difficult to detect.
TLS encryption only works if both the sender and receiver of emails support it and Twitter admire Gmail and AOL Mail, who are already supporting TSL encryption and encouraging other services to enable it, "Together, we can protect the privacy of every user." he said.
