The analysis carried out by the Facebook researchers shows that STARTTLS is already widely supported by email servers, even though there are certificate management issues that could be resolved.
"We see two high priority areas for improvement," the Facebook researchers said. "First, we encourage the industry to work together to develop better tools for preventing mismatched certificates. Second, we encourage everyone to deploy support for opportunistic encryption via STARTTLS."
"A system deploying STARTTLS support for the first time can expect more than half of its outbound email to be encrypted," they said.
Sign up for CIO Asia eNewsletters.