Consider an email sent from <some_user>@gmail.com
to <some_other_user>@gmail.com
. Aside from the HTTPS
encryption that each user has with the server, I presume emails have to be stored and often exchanged between Google's email servers.
Are these communications encrypted?
For example, my understanding is that content sent with SMTP
without SSL
is sent in plain text, making it relatively easier for any eavesdropper / man-in-the-middle to see the content of the communication.
What protocol does Gmail use to in end-to-end communications between Gmail users?
Is it known to be encrypted (even if minimally) all the way from client to client?
How "safe" does Google officially claim these communications are?
Best Answer
From the official Gmail blog dated Thursday, March 20, 2014 at: http://gmailblog.blogspot.com/2014/03/staying-at-forefront-of-email-security.html
Google also provides a page where you can check which providers support email encryption in transit (between domains): http://www.google.com/transparencyreport/saferemail/#search=gmail.com