Slashdot Mirror


How Widespread is Secure SMTP Usage?

Honest Postmaster asks: "Maybe I am a paranoid nut, or maybe I just feel like my users' email is as sacred as snail mail (which we like to hope is untouched); but I have been getting a sinking feeling about all the news I have been hearing about NSA & Government agencies getting potential carte blanche to sniff email traffic (if they didn't have such, already). I did a quick search and found RFC 2487, which seems to define secure transfer of traffic between SMTP servers using TLS/SSL. Firstly, is this truly a reasonably 'secure' solution? Secondly, it seems to have actual implementations (e.g. exim), but it will only work if both client and server support it -- how widespread is its usage? Is it hopeless to expect every ISP, megamail .com to get around to turning this feature on, or will sniffing just be a part of our everyday reality?"

1 of 13 comments

  1. If you want security, do it yourself.. by cmowire · Score: 5, Insightful

    If you want security, you'll have to do it yourself, I think.

    This means, use PGP and don't rely on the SSL/TLS security of your mail server.

    The simple fact is that, unless you are dealing with money, it's too much trouble to properly set up TLS/SSL for a server.

    And yes, both ends need to support encryption for it to work.

    I mean, most websites do not use TLS/SSL, so why should most mail servers?
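The "both ends need to support it" condition from the question and the comment, shown on the wire as an added example that is not part of the original thread: under RFC 2487 a server offers TLS by listing the STARTTLS keyword in its EHLO reply, and the sending side can only upgrade if it sees that keyword. The hostnames, the sample replies and the `require_tls` policy flag are constructed assumptions.

```python
import re

# Constructed EHLO replies; hostnames are placeholders, not from the thread.
EHLO_WITH_TLS = ("250-mail.example.org Hello client.example.net\r\n"
                 "250-SIZE 52428800\r\n"
                 "250-PIPELINING\r\n"
                 "250-STARTTLS\r\n"
                 "250 HELP\r\n")
EHLO_WITHOUT_TLS = ("250-mail.example.org Hello client.example.net\r\n"
                    "250-SIZE 52428800\r\n"
                    "250 HELP\r\n")

REPLY_LINE = re.compile(r"^(\d{3})([ -])(.*)$")

def parse_ehlo(reply):
    """Parse a multi-line EHLO reply into (code, greeting, {KEYWORD: [params]})."""
    lines = [l for l in reply.split("\r\n") if l]
    code, greeting, extensions = None, "", {}
    for i, line in enumerate(lines):
        m = REPLY_LINE.match(line)
        if not m:
            raise ValueError("malformed reply line: %r" % line)
        if code is None:
            code = int(m.group(1))
        elif int(m.group(1)) != code:
            raise ValueError("reply code changed mid-reply")
        # "250-" marks a continuation line, "250 " marks the final line.
        if (m.group(2) == " ") != (i == len(lines) - 1):
            raise ValueError("continuation marker out of place")
        if i == 0:
            greeting = m.group(3)          # first line is the greeting, not a keyword
        else:
            words = m.group(3).split()
            if words:
                extensions[words[0].upper()] = words[1:]
    return code, greeting, extensions

def plan_session(client_supports_tls, ehlo_reply, require_tls=False):
    """Decide what the sending side does next: 'starttls', 'plaintext' or 'abort'."""
    code, _, extensions = parse_ehlo(ehlo_reply)
    if code != 250:
        return "abort"
    if client_supports_tls and "STARTTLS" in extensions:
        return "starttls"                  # both ends support it: upgrade
    # One side lacks TLS: mail goes in the clear unless policy refuses
    # (require_tls is a hypothetical policy switch for this example).
    return "abort" if require_tls else "plaintext"
```

With `require_tls` left off, a missing STARTTLS line silently results in cleartext delivery, which is the case the question is worried about.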