[zeta0134]

I was trying to do some research to refute this claim, and my ignorance of email standards has once again reared its ugly head. I thought DKIM was for encryption, but it's apparently just for verification? Email is still primarily sent in the clear?

I'm at a loss. What a mess.

[simon_acca]

Email is not primarily sent in the clear these days, most providers implement SMTP over SSL/TLS, here you can find some nice stats of such traffic that passes trough google[0].

Of course this means that emails are only encrypted "in transit", that is, in the transmission from server to server, so you have to trust your provider.

On the contrary, PGP gives you end-to-end encryption, so you only have to trust your machine and your correspondent 's.

0: https://www.google.com/transparencyreport/saferemail/

[johnp_]

DKIM solves authenticity and integrity, but not privacy.

[DKnoll]

Domain Keys Identified Mail. ;)