Thread: How secure was / is email
View Single Post
  #20   Report Post  
Posted to uk.d-i-y
Mathew Newton[_2_] Mathew Newton[_2_] is offline
external usenet poster
  
Posts: 524
Default How secure was / is email
On Thursday, 24 January 2019 09:12:18 UTC, The Natural Philosopher wrote:
On 24/01/2019 00:45, Biggles wrote:
Internet mail between servers uses SMTP which isn't
encrypted.

pretty sure it can be and routinely is. But not universally.

It's getting there. Most large-scale tests report e.g. (https://transparencyreport.google.co...overview?hl=en) that ~90% of all SMTP traffic is now encrypted in transit.

The vast majority of this is with opportunistic TLS which is pretty much as vulnerable to compromise to no TLS at all as the session initiation is performed in the clear and thus is vulnerable to a man-in-the-middle attack. Mandatory TLS for all SMTP traffic is becoming the ultimate goal with various mechanisms now emerging to enabled a gradual move towards that.

Reply With QuoteReply With Quote