Hi,
I know this topic has been raised before, but I can't help it after seeing Snowden on data-encryption (dutch)
http://www.nu.nl/tech/3722695/snowden-wil-techbedrijven-data-beter-versleutelen.htmlHis claim is: data encrpytion does help a lot and should be applied if possible.
I therefore strongly feel that the email server on SME server should speak TLS/SSL by default when sending and receiving email, effectively encrypting the email transport layer.
I know that talking TLS in this way does not protect us from man in the middle attacks, because you have to accept self-signed certificates (or email will become unreliable). But it does protect us from simple smtp sniffing and it does make it harder for the bad guys (NSA).
If all emailservers use TLS by default this will hamper mass-surveilance quite a bit. And as soon as a good way comes along to deal with the man in the middle problem we are ready for it.
I do realize it would be a lot of work since probably qmail won't work that way and no I am not wealthy to buy it. Just security aware.
So again my call to make SME server use TLS by default.
Sincerely, Hans-Cees