No Need for Black Chambers: Testing TLS in the E-mail Ecosystem at Large

2016 11th International Conference on Availability, Reliability and Security (ARES) (2016)

Abstract
TLS is the most widely used cryptographic protocol on the Internet today. While multiple recent studies focused on its use in HTTPS and the adoption rate of additional security measures over time, the usage of TLS in e-mail-related protocols is still lacking detailed insights. End-to-end encryption mechanisms like PGP are seldom used, and as such today's confidentiality in the e-mail ecosystem is based entirely on the encryption of the transport layer. However, a large fraction of e-mails is still transmitted unencrypted, which is highly disproportionate with the sensitive nature of e-mail communication content. A well-positioned attacker may be able to intercept plaintext communication content as well as communication metadata passively and at ease. We are the first to collect and analyze the complete state of today's e-mail-related TLS configuration, for the entire IPv4 address range. Our methodology is based on commodity hardware and open-source software, and we draw a comprehensive picture of the current state of security mechanisms on the transport layer for e-mail by scanning cipher suite support, which was previously considered impossible due to numerous constraints. We collected and scanned a massive dataset of 20 million IP/port combinations of all e-mail-related protocols (SMTP, POP3, IMAP). Over a time span of approx. three months we conducted more than 10 billion TLS handshakes. Additionally, we show that securing server-to-server communication using e.g. SMTP is inherently more difficult than securing client-to-server communication, and that while the overall trend points in the right direction there are still many steps needed towards secure e-mail.
Keywords
black chambers, TLS testing, e-mail ecosystem, cryptographic protocol, IPv4 address, commodity hardware, open-source software, cipher suite support, e-mail-related protocols, TLS handshakes, server-to-server communication, client-to-server communication, transport layer security