The issue is - how do I know that the mail server I am sending the
message to is the one I should be sending the message to? If I don't
know that with a good degree of certainty, then using TLS won't
achieve security, because I could simply be dumping my messages on a
DNS, IP addresses and certificates could all be subverted by a
government at a 'choke point' such as an international link.
Which is exactly what's already happening in many countries, e.g.,
Syria. Go ahead and use TLS all you want -- it won't help, because all
the servers to which you can get IP-level connectivity are government run.
ietf-smtp mailing list