Comment Opportunistic encryption (Score 1) 601
Ultimately decisions about email encryption come down to what threats you think you might be protecting yourself against. I have a PGP key, and on occasion I use it to sign and decrypt emails when I think it matters. The rest of the time I send mail, over SSL, through my own mail server, which will use SMTP's 'startTLS' command whenever possible. Most people I know read their mail either using SSH on the machine that runs the mail server or over some SSL-protected IMAP or webmail interface. Thus, for most cases, the mail is encrypted in transit but never encrypted on the servers. If the threat is one of people eavesdropping then this keeps me safe; if the threat is one of hackers targeting one of the mail servers then it doesn't. Most of my mail doesn't warrant any more effort to achieve any more security.