Email Security

About this report

Our email communications to our users are an important link to hundreds of millions of recipients who use X regularly.


Email Security



Latest Data




As part of our commitment to the security of our users, X has enabled a number of email security protocols over the years. Since early 2013, X has supported the security controls Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-based Message Authentication, Reporting and Conformance (DMARC) with a reject policy to combat phishing and fraudulent email.


In 2014, we began using StartTLS, which encrypts both outbound and inbound emails in transit. Assuming your email provider supports TLS, it also ensures that emails you receive from X have not been read by other parties on the way to your inbox.


We compiled this high-level overview of different providers’ email privacy practices as a way to provide greater transparency and insight to our users around how and when email security protocols are being used.




Top Domains

Other reports