> you can be absolutely certain that all your comms will be recorded/stored >> That's why there are things like VPN, IMAP/POP over SSL and StartTLS.
Which only covers your transit to them. All your mail between providers is still wide open. > (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) Exactly. Everyone on the net seriously needs to be turning on oppurtunistic encryption for all services. Crypto has little cpu cost these days compared to the gain in privacy. The last bit would be to store the data encrypted. That's easy at the provider spindles, but breaks down if you want to provide your own key for it. So you're left with OpenPGP, FUSE, etc. Anyhow, whoever was going to put a table of providers up on the wiki with little columns for https, imaps, pop3s, smtps, 'verification/tracking' requirements, etc... deserves some thanks.

