Aaron Zauner presented preliminary results on TLS usage in email
Aaron Zauner presented our preliminary results on the usage of TLS in the email ecosystem at the IETF meeting last week. As part of our project TLSiP we are actively scanning the Internet (/0) for TLS configurations as well as its problems with it.
As expected, TLS in email is way worse than in HTTPS: RC4 is supported by up to 80% across protocols, half of the certificates are self-signed and weak ciphers like RC2-CBC-MD5 are accepted by 40% of the servers using SMTP.
You can find the slides of his presentation here.