On Tue, 22 Aug 2017, Ivan Warren wrote: > Le 8/22/2017 à 10:03 AM, Robert Wolf a écrit : > > > > WRONG!!! The email is stored plain-text on the first server and then it can > > be > > sent to other few MX servers over plain-text connection. I.e. encrypted > > connection does not protect emails, but the authentication credentials. > > > > > Indeed. > > Encrypted (SSL/TLS) SMTP/IMAP/POP3 sessions only server 1 purpose : To encrypt > authentication. Once a message is sent through a MTA, there is no guarantee of > privacy whatsoever. > > End to End privacy can only be achieved through actual e-mail signing and > encryption (PGP, S/MIME) (but only the message body is encrypted, not the > headers).
Hello Ivan yes, headers are not encrypted in plain-text SMTP, the same way as TCP and IP and DNS Requests are not encrypted. One can only hide behind some anonymization system (TOR, Proxy, VPN for TCP, IP, DNS) or some non-presonal mail system to anonymize mail headers to not be able to connect real persones with mail sender/recipient. Regards, Robert.