Server-to-server e-mail encryption using the STARTTLS protocol has reached an important tipping point that hardens the majority of messages Facebook sends its users against wholesale snooping by well-financed adversaries, according to figures released Tuesday by the site.

The social network said 58 percent of the notification e-mails it sends users are successfully encrypted using STARTTLS. Even more impressive, 76 percent of unique Mail Exchange hostnames are set up to support the protection, although only about half of them use valid digital certificates to cryptographically validate connections. STARTTLS ensures that plaintext e-mails are encrypted before being transferred from the sending server to the receiving server. Amid revelations of an expansive surveillance program by the National Security Agency and other state-sponsored groups, the extension is seen as a way of thwarting such programs or at least making them more costly to carry out. But like most network-based technologies, its value is proportional to the square of the number of servers that use it, meaning it provides benefit only when widely used.

"It's clear to us that STARTTLS has achieved critical mass and there is immediate value in deploying it," Facebook officials wrote in a blog post. "We encourage anyone who has not already deployed STARTTLS to at least deploy it for opportunistic encryption. As more systems support e-mail encryption, the value increases for everyone."

"Opportunistic encryption," in this case, refers to a server that uses STARTTLS to encrypt e-mails but skips the additional step of authenticating itself to other servers and verifying the identity of the servers it connects to. That validation requires e-mail servers to rely on the same type of digital certificates used in the transport layer security (TLS) protocol protecting millions of websites. Facebook's call for sites to implement at least some of the protections provided by STARTTLS is a pragmatic approach. Critics often counter that encryption provides little real benefit unless each party first takes the time to validate the identity of the other party. If at all possible, sites that enable STARTTLS should take the additional step of using a valid certificate that will ensure TLS validation isn't skipped.
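The distinction above, between a server that merely offers STARTTLS and one whose certificate actually validates, is what the following added example probes (it is not code from the article or from Facebook). It assumes Python's standard `smtplib` and `ssl` modules; the EHLO reply is constructed sample data, and `classify_mx` needs network access to a real MX host.

```python
import smtplib
import ssl

# Constructed EHLO reply, in the raw multi-line form seen on the wire.
SAMPLE_EHLO = (b"250-mx.example.test Hello\r\n250-SIZE 35882577\r\n"
               b"250-STARTTLS\r\n250 8BITMIME\r\n")


def ehlo_offers_starttls(reply: bytes) -> bool:
    """True if a raw EHLO reply advertises the STARTTLS extension."""
    for line in reply.decode("ascii", "replace").splitlines():
        # Continuation lines read "250-KEYWORD"; the final line reads "250 KEYWORD".
        if line.startswith("250") and line[4:].strip().upper() == "STARTTLS":
            return True
    return False


def validating_context() -> ssl.SSLContext:
    """Refuses the session unless the MX certificate chains to a trusted CA and matches the host."""
    return ssl.create_default_context()  # CERT_REQUIRED and check_hostname=True by default


def opportunistic_context() -> ssl.SSLContext:
    """Encrypts the hop but accepts any certificate: defeats passive capture only."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def _try_starttls(hostname, context, port, timeout):
    """One SMTP session: returns 'no-starttls', 'ok' or 'tls-error'."""
    smtp = smtplib.SMTP(hostname, port, timeout=timeout)
    try:
        smtp.ehlo()
        if not smtp.has_extn("starttls"):
            return "no-starttls"
        smtp.starttls(context=context)  # upgrades the plaintext socket in place
        return "ok"
    except ssl.SSLError:
        return "tls-error"
    finally:
        smtp.close()  # not quit(): after a failed handshake there is no usable channel


def classify_mx(hostname, port=25, timeout=10.0):
    """Network probe: 'no-starttls', 'validated', 'opportunistic' or 'tls-error'."""
    first = _try_starttls(hostname, validating_context(), port, timeout)
    if first != "tls-error":
        return "validated" if first == "ok" else first
    second = _try_starttls(hostname, opportunistic_context(), port, timeout)
    return "opportunistic" if second == "ok" else "tls-error"
```

A result of "opportunistic" corresponds to the half of MX hosts the article describes as supporting STARTTLS without a valid certificate: the hop is encrypted, but nothing stops an active attacker from presenting their own certificate.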

End users should remember that STARTTLS isn't a substitute for end-to-end encryption such as GnuPG. That's because STARTTLS encrypts messages only when they're transferred wholesale from one mail server to another. People with trusted access to either server could still monitor the e-mail contents, as might someone on the same local network as the sender or receiver (depending on the type of connection). GnuPG, by contrast, provides a much higher degree of assurance that only the end users can read the contents. For a primer on using GPG and S/MIME, see last year's Encrypted e-mail: How much annoyance will you tolerate to keep the NSA away?