12

In my understanding, most email servers use SMTP/POP/IMAP over SSL to encrypt email.
This supports encryption when the client (UA) sends email to the server (MTA) and when the UA receives email from the MTA. However, not so many MTAs can encrypt when they send email from MTA to MTA.
(Is my understanding correct?)

e.g. alice@somewhere.com sends email to bob@anywhere.org
[Alice's PC] --- encrypted (SMTPS) ---> [somewhere.com server] --- NOT ENCRYPTED (SMTP) ---> [anywhere.org server] --- encrypted (POPS or IMAPS) ---> [Bob's PC]

If my understanding is correct, why don't most email servers support SMTP over SSL between email servers?

I am developing a better (less complex) interface to enable email encryption with PGP/GPG, but these days I think it may be better to use SMTPS, because PGP/GPG needs manual key signing to remain reliable.

1 Answer

4

Good question, I really haven't seen any figures for this. I'm not sure, but I think many large companies now support SSL/TLS for inbound and outbound SMTP ("MX" mail delivery). This is normally optional and can be negotiated via StartTLS on port 25. Most SMTP servers do not require server to server TLS, however, as it would mean many would not be able to receive mail from an MTA that does not support or is not configured for TLS.

Many email clients support TLS between the UA and MTA - either SMTP/IMAP over SSL or POP3 over SSL. I think Gmail, for example, requires SSL/TLS for IMAP and POP3.

Regarding actual end-to-end email encryption, this is normally achieved using S/MIME or PGP. However, due to the complexities in setting this up and managing it, it has not seen wide-scale adoption.
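The StartTLS negotiation the answer describes, as an added example that is not the answerer's code: a sending MTA reads the receiving server's EHLO capability list, upgrades to TLS if STARTTLS is advertised, and otherwise either delivers in plaintext (the optional, opportunistic mode most servers run) or defers the message (a "require TLS" policy). The EHLO replies and hostnames below are constructed, and `probe_mx` is a hypothetical live helper that is not exercised offline.

```python
"""Added example: parse an SMTP EHLO reply and apply an outbound TLS policy."""
import smtplib
import ssl

# Constructed EHLO replies (RFC 5321 style: "250-" continues, "250 " ends).
EHLO_WITH_TLS = ("250-mx.example.org Hello client\r\n250-SIZE 52428800\r\n"
                 "250-8BITMIME\r\n250-STARTTLS\r\n250 PIPELINING\r\n")
EHLO_NO_TLS = "250-mx.example.net Hello client\r\n250-SIZE 10240000\r\n250 8BITMIME\r\n"


def parse_ehlo(reply: str) -> set[str]:
    """Return the capability keywords from a multi-line 250 EHLO reply."""
    lines = [ln for ln in reply.splitlines()
             if len(ln) > 4 and ln[:3] == "250" and ln[3] in "- "]
    caps = set()
    for line in lines[1:]:          # first line is the server greeting, not a keyword
        keyword = line[4:].split(" ", 1)[0].strip().upper()
        if keyword:
            caps.add(keyword)
    return caps


def tls_decision(caps: set[str], require_tls: bool) -> str:
    """
    What the sending MTA should do given the remote EHLO capabilities.
    'starttls'  - STARTTLS advertised: upgrade the connection before MAIL FROM
    'plaintext' - no STARTTLS, opportunistic policy: deliver unencrypted
    'defer'     - no STARTTLS, TLS required: keep the message queued
    """
    if "STARTTLS" in caps:
        return "starttls"
    return "defer" if require_tls else "plaintext"


def probe_mx(host: str, require_tls: bool = False, port: int = 25) -> str:
    """Hypothetical live check against a real MX (network; not run offline)."""
    with smtplib.SMTP(host, port, timeout=10.0) as smtp:
        smtp.ehlo()
        caps = {k.upper() for k in smtp.esmtp_features}   # smtplib lowercases keys
        action = tls_decision(caps, require_tls)
        if action == "starttls":
            smtp.starttls(context=ssl.create_default_context())
            smtp.ehlo()     # capabilities must be re-read after the TLS upgrade
        return action


if __name__ == "__main__":
    for name, reply in (("with TLS", EHLO_WITH_TLS), ("no TLS", EHLO_NO_TLS)):
        caps = parse_ehlo(reply)
        print(name, sorted(caps), tls_decision(caps, False), tls_decision(caps, True))
```

Note that even in the `starttls` branch the upgrade is only as strong as the certificate check the sender performs, which is why opportunistic TLS protects against passive observation but not against an active downgrade by an on-path party.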