Opportunistic Encryption - E-mail

E-mail

Opportunistic encryption can also be used for specific traffic like e-mail using the SMTP STARTTLS extension for relaying messages across the Internet, or the Internet Message Access Protocol (IMAP) STARTTLS extension for reading e-mail. With this implementation, it is not necessary to obtain a certificate from a certificate authority, as a self-signed certificate can be used.

  • RFC 2595 Using TLS with IMAP, POP3 and ACAP
  • RFC 3207 SMTP Service Extension for Secure SMTP over TLS
  • STARTTLS and Postfix
  • STARTTLS and Exchange
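
The opportunistic SMTP behaviour described above, as an added example that is not part of the original page: the client upgrades to TLS when the server's EHLO reply advertises STARTTLS, accepts a self-signed certificate, and otherwise relays in the clear. The function names, the host mx.example.org and the sample replies are assumptions made for illustration.

```python
import smtplib
import ssl
from email.message import EmailMessage

# Constructed sample EHLO replies (not captured from a real server).
REPLY_TLS = "250-mx.example.org\r\n250-SIZE 10240000\r\n250-STARTTLS\r\n250 8BITMIME\r\n"
REPLY_PLAIN = "250-mx.example.org\r\n250-SIZE 10240000\r\n250 8BITMIME\r\n"


def offers_starttls(ehlo_reply: str) -> bool:
    """Return True if a multi-line EHLO reply advertises STARTTLS (RFC 3207)."""
    for line in ehlo_reply.splitlines():
        # Lines look like "250-KEYWORD params"; the last one is "250 KEYWORD".
        if len(line) < 4 or line[:3] != "250" or line[3] not in "- ":
            continue
        words = line[4:].split()
        if words and words[0].upper() == "STARTTLS":
            return True
    return False


def opportunistic_context() -> ssl.SSLContext:
    """TLS context that encrypts without authenticating the peer, so a
    self-signed certificate is accepted (no CA-issued certificate needed)."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False      # must be disabled before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def send_opportunistic(host: str, msg: EmailMessage, port: int = 25) -> str:
    """Relay msg, upgrading to TLS when offered; returns 'tls' or 'cleartext'."""
    with smtplib.SMTP(host, port, timeout=30) as smtp:
        _, reply = smtp.ehlo()
        # smtplib strips the reply codes; restore them for the parser above.
        text = reply.decode("ascii", "replace")
        wire = "\n".join("250-" + line for line in text.splitlines())
        if offers_starttls(wire):
            smtp.starttls(context=opportunistic_context())
            smtp.ehlo()             # capabilities are re-read after the upgrade
            mode = "tls"
        else:
            mode = "cleartext"      # opportunistic: fall back instead of failing
        smtp.send_message(msg)
        return mode
```

Logging the value returned by send_opportunistic per destination shows which peers still receive mail unencrypted.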

Many systems employ a variant in which third-party add-ons to traditional e-mail packages first attempt to obtain an encryption key and, if unsuccessful, send the e-mail in the clear. PGP, Hushmail, and Ciphire, among others, can all be set up to work in this mode.
