When you send someone else an email, your mail server connects to their
mail server to transmit the message, and spy agencies have made a
surveillance banquet out of these transactions, harvesting emails by the
billions.
A protocol called STARTTLS allows mail servers to encrypt the traffic
between them, frustrating criminals, spies, corporate spies, and other
nefarious parties (though bad guys have figured out ways to trick mail
servers into skipping the encryption step in order to keep snooping).
STARTTLS is a pain for mail server administrators to set up, though,
from the process of getting the encryption certificates to configuring
the mail server to use them (including taking the countermeasures to
stop spies from bypassing the encryption).
So the Electronic Frontier Foundation – as part of its ongoing quest to encrypt the whole internet (see also: Certbot, Let’s Encrypt, HTTPS Everywhere, and related toold) – has just released STARTTLS Everywhere,
an automated tool that generates the certificates, helps install and
configure them, and double-checks the configuration to make sure
everything is safe and secure.
Unless you run your own mail server, you can’t do anything with this: but you can
(and should) send it along to whomever administers your email and get
them to have a look. It’s totally free, and solves a real problem,
widely observed in the wild, of mass email surveillance.
