In your previous mail you wrote:
   The "nicest" solution that I can see is for the ISPs to transparently
   proxy port 25 to their MTA. They should offer STARTTLS.
=> I don't understand the word "transparently" here (:-). If one of
my ISPs does such things, I'll sue it immediately: we have laws in
France to protect the secrecy of private mails. I'll be surprised
if there is none in the USA.
   So, my packets look like:
   SMTP/TLS/TCP/IPv6/IPv4-encap-v6/IPsec/IPv4.
=> yes, the protocol 50 will save us from them (I'll put this on a T-shirt :-).
Thanks
Francis(_dot_)Dupont(_at_)enst-bretagne(_dot_)fr