Table of Contents
SMTP STARTTLS
When an email server sends an email to another email server it can negotiate a secure encrypted connection using a process called STARTTLS. STARTTLS is a way to set up a TLS encrypted connection between two entities on the network on a catch as catch can basis. TLS is more famously used to secure the connections between web browsers and web servers.
STARTTLS has some implications for PGP protected email.
Good News
STARTTLS will protect email meta information from passive observers on the network. For email the meta information is mostly source and destination email addresses with some routing information. The most important bit of meta information protected is that the email is encrypted. If someone is passively watching traffic on the network they will not be able to selectively record encrypted messages off the network with the hope of breaking the encryption later.
These days (2020) it is quite widely (90%+) deployed 1)2). Since the connection between mail clients and mail servers is almost always also encrypted with TLS the result is that most email is protected with STARTTLS while on the network.
Bad News
STARTTLS as implemented now is fairly easy to interfere with on the network. Someone who can change traffic on the network can force the email servers to downgrade to no encryption at all. If such interference is done on a wide scale it would be publicly noticed so such attacks would be directed against particular entities in most political environments.
STARTTLS does not protect email on any email servers used. The operators of those servers have complete and easy access to your emails.
If you or one of your correspondents uses an email server that does not support STARTTLS then all messages exchanged with that correspondent will not have the protection of STARTTLS. Wide deployment might not actually help for what could be your most private case.
As a result, STARTTLS should be considered an enhancement but not any sort of substitute for end to end email encryption.
Checking for STARTTLS
In some cases it might be useful to know if STARTTLS is being used between you and a particular correspondent. That information is available in the header of the email. Search through the header information until you find the Received:
section that corresponds to your email server (usually the first one). An example:
Received: from mail-dm6nam12olkn2107.outbound.protection.outlook.com ([40.93.27.101] helo=NAM12-DM6-obe.outbound.protection.outlook.com) by mail.example.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.3) (envelope-from <pgpuser375@hotmail.com>) id 1jmh18-000Ebg-Kf for pgpfan@example.com; Sat, 20 Jun 2020 12:10:59 -0500
Here I recognize my email server as mail.example.com
. Since I see esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256)
I can conclude that the email transfer to my email server was protected by STARTTLS. Formats vary but you really only have to see the “TLS” part.
Because the email headers can be changed by someone interfering with the network connection a finding of “STARTTLS used” is not entirely definite. A finding of “STARTTLS not used” is quite definite.