HTTPS by default is 100% encrypted by default and protected with 2,048 bit certificates. This encryption extends to your emails, attachments, contacts, as well as Calendar and Messenger in Mail. The new enhancement will now boost-up the privacy and security for Yahoo users, whether it’s on the web, mobile web, or via IMAP, POP or SMTP. Other major webmail providers, including Gmail has already added HTTPS by by default from last few years. But still this is not enough to protect users from NSA breach.
Source: https://thehackernews.com/2014/01/yahoo-mail-turns-on-https-encryption-by.html