Company X has clients without look which make an encrypted connection to the corporate exchange server.
The exchange server has an encrypted send connector to an exchange cloud provider.
At this point when client sends email to someone outside the organization, I can assume traffic is encrypted all the way to the cloud. At that point shall I assume that from the cloud to the destination mail server will likely be unencrypted?
What method would someone use to intercept the email from the cloud to the destination mail server?