I would like to be certain that my emails' content is encrypted when they are sent over the internet. I have a simple service in node.js where I am using nodemailer. I've tried many different configurations for the transporter. For now it is:
const transporter = nodemailer.createTransport({
  host: 'hostName',
  port: 465,
  secure: false,
  tls: { ciphers: 'SSLv3' }
})
When I try to force using STARTTLS with this configuration, for ports: 25, 465, 597:
requireTLS: true,
secure: false,
I have this error: Error upgrading connection with STARTTLS: 500 5.3.3 Unrecognized command
So it is clear that my server does not support STARTTLS.
When I try to force using TLS with:
requireTLS: true,
I have this error: 4605283776:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../deps/openssl/openssl/ssl/record/ssl3_record.c:332:
so probably it means that I am trying to open a TLS connection against a cleartext port (as said here: https://github.com/nodemailer/nodemailer/issues/993).
So I can assume that my emails are not secure and they are sent as plaintext. But ... when I try to check it by viewing the headers of raw messages, I can see that TLS is used (some data was changed for security):
by mx.google.com with ESMTPS id s233id293944.29.2020.04.20.09.26.18 for <example@g.domain.org> (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 20 Apr 2020 09:26:18 -0700 (PDT)
So why is TLS here? I think that I do not understand it and I am not sure if my emails are encrypted or not. I'll be grateful for any clarifications.
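A Received header describes only the hop into the server that wrote it, so the mx.google.com line quoted in the question reflects delivery into Google, not the connection from nodemailer to the configured host. The following added example (not part of the original post; the sample message, hostnames and ids are constructed) parses every Received header of a raw message and reports per hop whether TLS was recorded, using the RFC 3848 `with` keywords.

```javascript
// Added example: classify each hop of a raw message by its Received header.
// RFC 3848 "with" keywords: a trailing S (ESMTPS, ESMTPSA, ...) means TLS.
const TLS_PROTOCOLS = new Set(['ESMTPS', 'ESMTPSA', 'LMTPS', 'LMTPSA']);

// Constructed sample: newest hop first, as in a real message.
const SAMPLE = [
  'Received: from relay.example.test (relay.example.test [192.0.2.25])',
  '        by mx.example.net with ESMTPS id abc123',
  '        for <user@example.net>',
  '        (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);',
  '        Mon, 20 Apr 2020 09:26:18 -0700 (PDT)',
  'Received: from app.example.test (app.example.test [192.0.2.10])',
  '        by relay.example.test with ESMTP id def456;',
  '        Mon, 20 Apr 2020 09:26:17 -0700 (PDT)',
  'Subject: constructed sample',
  '',
  'body',
].join('\r\n');

// Unfold continuation lines and return the value of each Received header.
function receivedHeaders(rawMessage) {
  const headerBlock = rawMessage.split(/\r?\n\r?\n/)[0];
  return headerBlock
    .replace(/\r?\n[ \t]+/g, ' ')
    .split(/\r?\n/)
    .filter((line) => /^received:/i.test(line))
    .map((line) => line.replace(/^received:\s*/i, ''));
}

// Extract the peers, the protocol keyword and any TLS details for one hop.
function classifyHop(value) {
  const pick = (re) => (value.match(re) || [])[1] || null;
  const protocol = (pick(/\bwith\s+([A-Za-z0-9]+)/i) || '').toUpperCase() || null;
  const version = pick(/\bversion=([^\s;)]+)/i);
  const cipher = pick(/\bcipher=([^\s;)]+)/i);
  const tls = TLS_PROTOCOLS.has(protocol) || version !== null;
  return { from: pick(/\bfrom\s+(\S+)/i), by: pick(/\bby\s+(\S+)/i), protocol, tls, version, cipher };
}

function classifyHops(rawMessage) {
  return receivedHeaders(rawMessage).map(classifyHop);
}

for (const hop of classifyHops(SAMPLE)) {
  console.log(`${hop.from} -> ${hop.by}: ${hop.tls ? 'TLS' : 'no TLS recorded'} (${hop.protocol})`);
}
```

A hop that the sending client makes to its own relay appears as the oldest (last) Received header, and only if that relay records one.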