Is Email Confidential in Transit Yet?

It is fine for emails to not be encrypted. The bad behavior is being performed by people who expect them to be encrypted. They are maybe-encrypted. If you have an actual need for security, like resetting a password that actually matters, they <i>must</i> be treated as they were designed: non-encrypted, the postcard of the Internet.<p>If you want encrypted emails, you want some other type of messenger. If you insist on encrypted emails, use PGP or something I guess.

For anything high-value, just assume &quot;no&quot;. Sure, assuming &quot;yes&quot; is far more convenient. And feels much nicer too. But even if you&#x27;re familiar with <i>all</i> of the infrastructure that an email message will see between you and the recipient...yeah. Email is a top target for nation-state actors, A List criminal organizations, and on down a long line from there. If the Blue Teams - or one of their many and historically problematic vendors - make even one mistake, that&#x27;s all it takes.