A: The concept is similar to HTTP and HTTPS. Secure mail access is a process that establishes an encrypted connection between you and the server, so that no one else (or machine) can observe the content that you are transferring, including your password and email content.

A: Your password is. If your password is exposed, the person may gain control of your email account, logging in to your webmail system (and even changing your password), grabbing all your contacts and, most importantly, using your identity to send out malicious emails. You will get blacklisted, your business associates will make payment to the hackers’ bank accounts, or even get email with ransomware from you.

A: That's because each secure certificate has to verify against the server name that you connect to. If you connect to mail.your-domain.com, your mail application will warn you as the certificate belongs to someone else like *.agnx.com. You can safely accept the certificate coming from agnx.com as it is AfterOffice Global Network Exchange domain.

A: Yes if you are still connecting to your mail server without SSL or STARTTLS. Not necessary (but good to have) if you've already connected with SSL or STARTTLS. It is safe to use “plain” password authentication once your connection is secured.