 Email wasn't designed with privacy in mind. 

Most emails are transmitted in plain text, making them easily readable by anyone who intercepts them, including governments, service providers, and malicious actors.

If you must use email, encryption is essential to protect your privacy. The best way to encrypt email is using PGP (Pretty Good Privacy). It allows you to encrypt the content of your emails so that only the intended recipient with the correct private key can decrypt and read them.

But PGP can be cumbersome for everyday use, requiring both parties to have the necessary software and keys set up. In contrast, using privacy-focused messaging apps like SimpleX, which offer end-to-end encryption by default and have no user IDs, is a more secure and user-friendly alternative to email for sensitive communication. 
 Mostly correct.

Most emails are actually encrypted in transit these days; non-TLS SMTP is actually pretty rare these days (estimates say that around 90% is actually TLS encrypted).

You can also publish a policy that an email to your domain has to go through TLS or fail delivery, protecting against active downgrading attacks.

Of course end-to-end encryption is the best, so the SimpleX recommendation (or any other e2e encrypted messenger) stands.

https://juraj.bednar.io/en/blog-en/2022/05/03/encrypted-messengers-comparison/

nostr:note1853amryax4pue8mv720fstcwj923yrqgnyta5krycp3hx4slvy2s7ezqh6 
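
An added example, not part of the thread: the "TLS or fail delivery" policy described in the reply above corresponds to MTA-STS (RFC 8461); the thread does not name the mechanism, so that mapping is an assumption. The sketch below parses a policy and shows why only `mode: enforce` blocks a downgraded session; the function names and sample domains are constructed for illustration.

```python
# Added example: evaluates MTA-STS (RFC 8461) policies. Domains are constructed.
MAX_AGE_LIMIT = 31557600  # upper bound for max_age in RFC 8461 (about one year)

# Constructed sample policies, as served from /.well-known/mta-sts.txt
TESTING = "version: STSv1\nmode: testing\nmx: mail.example.com\nmax_age: 86400\n"
ENFORCE = ("version: STSv1\nmode: enforce\nmx: mail.example.com\n"
           "mx: *.example.net\nmax_age: 604800\n")

def parse_policy(text):
    """Parse and validate a policy body; every 'mx' line is collected."""
    policy = {"mx": []}
    for line in text.splitlines():
        if not line.strip():
            continue
        key, sep, value = line.partition(":")
        if not sep:
            raise ValueError(f"malformed line: {line!r}")
        if key.strip() == "mx":
            policy["mx"].append(value.strip().lower())
        else:
            policy[key.strip()] = value.strip()
    if policy.get("version") != "STSv1":
        raise ValueError("missing or unsupported version")
    if policy.get("mode") not in ("enforce", "testing", "none"):
        raise ValueError("invalid mode")
    if policy["mode"] != "none" and not policy["mx"]:
        raise ValueError("at least one mx pattern is required")
    if not policy.get("max_age", "").isdigit() or int(policy["max_age"]) > MAX_AGE_LIMIT:
        raise ValueError("invalid max_age")
    return policy

def mx_allowed(policy, host):
    """Match an MX host; '*.' stands for exactly one left-most label."""
    host = host.lower().rstrip(".")
    for pattern in policy["mx"]:
        if pattern.startswith("*."):
            label, _, rest = host.partition(".")
            if label and rest == pattern[2:]:
                return True
        elif host == pattern:
            return True
    return False

def delivery_decision(policy, mx_host, tls_ok):
    """tls_ok: STARTTLS was offered with a certificate valid for mx_host."""
    if policy["mode"] == "none" or (tls_ok and mx_allowed(policy, mx_host)):
        return "deliver"
    # Only 'enforce' stops a downgraded session; 'testing' still delivers.
    return "fail" if policy["mode"] == "enforce" else "deliver-and-report"
```

A domain left in `testing` mode gains reporting but no protection: a sender whose STARTTLS was stripped still delivers in the clear.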
 Go tell a bank to use SimpleX. I did and they say email is more secure.

Also SimpleX does not have "mail" which is informal.