How can I technically verify* that the e-mail I\'m sending from Gmail to Yahoo i

Question

How can I technically verify* that the e-mail I'm sending from Gmail to Yahoo is encrypted all the way from Gmail's servers to Yahoo's servers? I know that it's advised to have encryption between the mail service provider and the client's desktop, e.g. using IMAPS or SMTPS, and when using a web interface, HTTPS. But if an e-mail is sent from e.g. the web interface, then that e-mail could be sent in "plain text" format through the mail relay servers until it reaches its destination mail service provider.

Explanation / Answer

You can look at the raw email headers and see if they have pertinent information in there.

I've just looked at a few that came via Google and noticed Received: from XXXXXXXXXXXXX(XXXXXXXXXXXX. [x.x.x.x]) by mx.google.com with ESMTPS id xxxxxxxxxxxxx.73.2014.06.24.07.31.28 for version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128. That suggest to me that Google received it via encrypted SMTP.

However, I believe that the messages that email servers place in the headers do not follow any mandatory standard and therefore it could be delivered via an encrypted SMTP connection even when the headers don't state that. I suppose it's unlikely (but not impossible) that any service provider would claim that they received it via encrypted SMTP when they haven't, so it's a safe bet that if all your hops are encrypted then you're OK (but not guaranteed).

Related Questions

Navigate

• Browse (All)
• Browse H
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.