Comment by okadaka
12 years ago
SMTP (mail protocol) between providers is unencrypted anyway. So, if I send email from gmail to ycombinator, it goes to ycombinator SMTP server unencrypted and can be tapped by anyone with access to the wire. Still, clear traffic between Google's own data centers is inexcusable. They are exposing my data to more risk.
I thought you were wrong about that, but when I went looking for a source, I found out you're right. As of June, major email providers other than Google did not support encryption for inbound emails[1]. That's disappointing.
Note there's no technical reason they couldn't. Also, Fastmail.fm, while arguably not really a major player, is an exception, supporting encryption on inbound emails since 2009[2].
I just verified this via http://www.checktls.com. A later blog post in 2010 says Fastmail enabled it for outbound email as well. So mail sent from Gmail to Fastmail or vice versa is encrypted between the two providers.
It's a start. I really thought I had read something about Microsoft enabling this on their email service, too, but I must be misremembering. All we can do is hope more big providers turn it on.
1. http://news.cnet.com/8301-13578_3-57590389-38/how-web-mail-p...
2. http://blog.fastmail.fm/2009/04/16/opportunistic-ssltls-encr...