Encryption is effective only if you ensure that the other side - in this case GMX - is real and not an attacker who is disguised as GMX, for instance. This task is performed by specialist certification centers such as Telesec.
To perform the task, the certification center issues a digital certificate. In this case, a certificate is a data record that confirms that the public key for the server can be assigned to the server name ("gmx.com").