Hacker News new | ask | show | jobs
by jlgaddis 4524 days ago
Google's (outgoing) servers will use STARTTLS if it is advertised by the destination mail server.
2 comments
ams6110 4523 days ago
You still have to assume that an ordinary email is a clear-text communication, no matter who you are sending it to, unless you are using PGP or S/MIME.
link
psc 4524 days ago
Never knew, do you a have a source on this? Not that I don't believe you, I just want to read more about it. A Chrome extension that shows you if STARTTLS is being used would be really neat.
link
jlgaddis 4523 days ago
Source: Me, who runs (among other things) mail servers for an ISP.

ETA:

    Received: from mail-pd0-f169.google.com (mail-pd0-f169.google.com [209.85.192.169])
    	(using TLSv1 with cipher RC4-SHA (128/128 bits))
    	(No client certificate requested)
    	by MAIL.MYDOMAIN.COM (Postfix) with ESMTPS id 1BBFA2909
    	for <ME@MYDOMAIN.COM>; Thu, 23 Jan 2014 23:00:32 -0500 (EST)
link
iso-8859-1 4524 days ago
How does Chrome have anything to do with this?
link
ams6110 4523 days ago
This is a server thing. Your mail client, web-based or otherwise, wouldn't know.
link