Encryption is effective only if you ensure that the other side - in this case mail.com - is real and not an attacker who is disguised as mail.com, for instance. This task is performed by specialist certification centers such as Telesec.

To perform the task, the certification center issues a digital certificate. In this case, a certificate is a data record that confirms that the public key for the server can be assigned to the server name ("mail.com").