|
|
|
|
|
|
by jlgaddis
4254 days ago
|
|
|
Yeah, it's usually possible to tell just from the Received: headers. For example, here's a (slightly censored) Received: header from a recent e-mail received by my personal mail server: Received: from mail.foo.com (mail.foo.com [192.0.2.8])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by mail.bar.com (Postfix) with ESMTPS id MX8675309
for <jlgaddis@bar.com>; Mon, 20 Oct 2014 18:31:26 -0400 (EDT)
N.B.: "with ESMTPS".I'm sure that others will correct me if I'm wrong (please do!) and this almost certainly isn't foolproof (and I'm likely missing some and there are probably exceptions as well), but just from my own observations: "ESMTP" refers to a standard, unencrypted SMTP session (25/TCP), "ESMTPS" to an SMTP session where STARTTLS was used (25/TCP), "ASMTP" to an authenticated SMTP session where "full" SSL/TLS was used (e.g. 465/TCP), and "ESMTPSA" to an authenticated SMTP session where STARTTLS was used. Of course, you can't see these on any outgoing messages you send, only incoming mail. |
|
|