|
|
|
|
|
|
by Matt_Cutts
3523 days ago
|
|
|
It looks like 80-85% of emails to/from Google are encrypted in transit, according to this page: https://www.google.com/transparencyreport/saferemail/ Encryption at rest is still a difficult UX/UI issue, but encryption during transit seems like something that most mail providers can get behind. |
|
|
The question of user-level IMAP/POP/SMTP access is different, but I'd expect somewhere in the region of 95+%. Note that the IMAP specification prohibits authentication that sends passwords in the plaintext [1] (although I don't know if the various IMAP servers permit AUTHENTICATE PLAIN before STARTTLS--checking, Outlook doesn't, and the other servers I had access to aren't open on 143 anyways), which means IMAP in practice requires SSL.
[1] The alternative is to use schemes like CRAM-MD5 or SCRAM-SHA-1 which don't send the password in plaintext, although these have become quite rare in practice.