As a student of computational linguistics my first idea was to try it statistically:
As far as I know encrypted messages do not contain spaces. So you could tokenize the email body into words, and calculate the average length of the words. Try this on some other mails or texts and see how the average length differs.
It may be a bit extravagant, but is more effective than looking for a substring: for example someone may send a webpage or text dealing with encryption or the latest NSA leaks ;-)