Salut,
On Sat, Sep 16, 2006 at 03:43:09PM +0200, Matthias Leisi wrote:
> If you are a provider yourself and you do not offer it: Are there particular reasons? Is it a conscious decision not to offer it or is it that just nobody asked yet?
From a cryptographical point of view, this would be a dangerous setup. You're transmitting the same message encrypted (local MX <-> Client) as well as unencrypted (sending MX <-> local MX). This leaves you open to a known plaintext attack against your server's private key, because it gives you an opportunity to gain more and more information about the key in use, and all you have to do is send regular-looking SPAM to the user.
If every mail server on the Internet encrypted its transmissions, this method would be sure, but as long as this is not the case, there is no transport security. All the user can do is to use PGP in order to keep the contents of his/her mail secret.
Of course, SSL can be used nicely for authentication of mail servers though... But this would mean that communication with arbitrary peers is impossible, because one needs to pre-trust the public key of the communicating server (otherwise the spammers would simply get themselves a key as well).
Tonnerre