Slashdot Mirror


How Widespread is Secure SMTP Usage?

Honest Postmaster asks: "Maybe I am a paranoid nut, or maybe I just feel like my users' email is as sacred as snail mail (which we like to hope is untouched); but I have been getting a sinking feeling about all the news I have been hearing about NSA & Government agencies getting potential carte blanche to sniff email traffic (if they didn't have such, already). I did a quick search and found RFC 2487, which seems to define secure transfer of traffic between SMTP servers using TLS/SSL. Firstly, is this truly a reasonably 'secure' solution? Secondly, it seems to have actual implementations (e.g. exim), but it will only work if both client and server support it -- how widespread is its usage? Is it hopeless to expect every ISP, megamail.com to get around to turning this feature on, or will sniffing just be a part of our everyday reality?"
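The "both client and server" condition in the question comes down to whether the receiving server lists the STARTTLS keyword in its EHLO reply, as RFC 2487 defines. The following is an added example, not part of the original post: it parses EHLO replies and shows what a sending server would do under an opportunistic policy versus a TLS-required policy. The function names, the policy flag and the sample replies are assumptions constructed for illustration.

```python
import re

# One SMTP reply line: 3-digit code, '-' (more lines follow) or ' ' (last line), text.
REPLY_LINE = re.compile(r"^(\d{3})([ -])(.*)$")

def ehlo_extensions(reply):
    """Return the upper-cased extension keywords from a multi-line EHLO reply."""
    lines = [l for l in reply.splitlines() if l.strip()]
    exts = set()
    for i, line in enumerate(lines):
        m = REPLY_LINE.match(line)
        if not m or m.group(1) != "250":
            raise ValueError(f"unexpected EHLO reply line: {line!r}")
        is_last = i == len(lines) - 1
        if (m.group(2) == " ") != is_last:
            raise ValueError("malformed continuation in EHLO reply")
        # The first line is the server greeting; extensions start on line two.
        if i > 0 and m.group(3).strip():
            exts.add(m.group(3).split()[0].upper())
    return exts

def plan_delivery(reply, require_tls=False):
    """Decide how a sender proceeds: 'starttls', 'cleartext', or 'defer'."""
    if "STARTTLS" in ehlo_extensions(reply):
        return "starttls"
    # Without the keyword, an opportunistic sender falls back to cleartext;
    # a sender that requires TLS holds the message instead.
    return "defer" if require_tls else "cleartext"

def survey(samples, require_tls=False):
    """Map each host to the delivery decision for its EHLO reply."""
    return {host: plan_delivery(r, require_tls) for host, r in samples.items()}

# Constructed sample replies (not captured from real servers).
SAMPLES = {
    "mx.example.org": "250-mx.example.org Hello\r\n250-SIZE 52428800\r\n"
                      "250-STARTTLS\r\n250 HELP\r\n",
    "mail.example.net": "250-mail.example.net\r\n250-8BITMIME\r\n250 PIPELINING\r\n",
    "smtp.example.com": "250-smtp.example.com\r\n250-PIPELINING\r\n250 starttls\r\n",
}

if __name__ == "__main__":
    for host, decision in survey(SAMPLES).items():
        print(f"{host}: {decision}")
```

The keyword only shows that the session can be upgraded; this sketch does not perform the handshake or check the server's certificate.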

2 of 13 comments

  1. If you want security, do it yourself.. by cmowire · Score: 5, Insightful

    If you want security, you'll have to do it yourself, I think.

    This means, use PGP and don't rely on the SSL/TLS security of your mail server.

    The simple fact is that, unless you are dealing with money, it's too much trouble to properly set up TLS/SSL for a server.

    And yes, both ends need to support encryption for it to work.

    I mean, most websites do not use TLS/SSL, so why should most mail servers?

  2. Is PGP really secure? by dustpuppy · Score: 5, Interesting

    There has been a lot of talk that PGP is the only unbreakable encryption method out there, but doesn't one find it interesting that the US government would hound Zimmermann mercilessly for years and then all of a sudden stop?

    Now why would they suddenly stop harassing him ... maybe because the RSA has finally found a way to break the PGP encryption? It's standard practice that once you know how to break someone's code, you don't ever let them know, which guarantees that you can keep on reading all their transmissions.

    I only ever felt secure *while* the US Government kept hounding Zimmermann. Now that they have stopped, I would assume that no email can be secured.