Gmail users get a warning about e-mail over unencrypted connections

Google will warn users of its Gmail service when emails arrive that have been sent over unencrypted connections. That decision was taken in response to an investigation that showed that malicious parties are trying to intercept e-mail traffic.

In recent years, Google has been conducting research into email encryption in collaboration with American scientists. That reports the company on its security blog. The investigation showed, among other things, that groups are active that try to intercept e-mail traffic with fake DNS servers in order to send it to unsecured servers. For example, they attempt to undermine the sending of messages via encrypted connections, in order to then intercept the content. Based on that, Google has decided that it will issue warnings if incoming e-mail has arrived via servers with unencrypted connections.

The warnings should start appearing to Gmail users in the coming months. The warnings, of which it is still unclear what exactly they will look like, only apply to e-mail traffic with servers of e-mail providers other than Gmail; traffic between Google’s mail servers is encrypted by default. According to the internet giant, the number of emails sent over unencrypted connections between Gmail and non-Gmail users has dropped significantly in recent years.

The research Google refers to was conducted by researchers at the University of Michigan and the University of Illinois. They have their findings in a paper described which has been posted online.