Email encryption

The Electronic Frontier Foundation encourages the use of STARTTLS, and has launched the 'STARTTLS Everywhere' initiative to "make it simple and easy for everyone to help ensure their communications (over email) aren’t vulnerable to mass surveillance."

DANE is a proposed standard that makes an incremental transition to verified encryption for Internet mail delivery possible.

There are various software and email-client plugins that allow users to encrypt the message using the recipient's public key before sending it.

OpenPGP provides a way for end users to encrypt email without any support from the server and to be sure that only the intended recipient can read it.

Earlier barriers to adoption were overcome, including the use of a PKI bridge to provide a scalable public key infrastructure (PKI), and the use of network security guards that inspect encrypted content crossing corporate network boundaries so that encryption cannot be used to hide malware introduction or information leakage.

Deploying this is typically straightforward: a valid certificate must be obtained and STARTTLS must be enabled on the receiving organization's email server.
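The receiving-side requirement just described (STARTTLS enabled and a valid certificate) can be confirmed from the sending side with a plain SMTP session. The script below is an added example, not code from the original article; it uses only the standard library's smtplib and ssl, and the `smtp_factory` parameter is an assumption introduced so the logic can be driven by a stand-in object instead of a live connection.

```python
import smtplib
import ssl


def check_starttls(host, port=25, timeout=10, smtp_factory=smtplib.SMTP):
    """Report whether the mail server at host:port offers STARTTLS and whether
    the upgraded session presents a certificate that validates for `host`.

    Returns a dict:
      advertised  - the EHLO response listed the STARTTLS extension
      encrypted   - TLS was established with chain and hostname verification
      error       - None, or a short reason the check stopped where it did
    `smtp_factory` (an assumption of this example) defaults to the real
    smtplib.SMTP client; tests can pass a fake with the same methods.
    """
    result = {"advertised": False, "encrypted": False, "error": None}
    try:
        conn = smtp_factory(host, port, timeout=timeout)
    except OSError as exc:
        result["error"] = f"connect failed: {exc}"
        return result
    try:
        conn.ehlo()
        if not conn.has_extn("starttls"):
            result["error"] = "STARTTLS not advertised; mail to this host would be sent in clear text"
            return result
        result["advertised"] = True
        # The default context validates the chain against the system trust
        # store and checks that the certificate matches `host`: this is what
        # "a valid certificate" on the receiving server means in practice.
        ctx = ssl.create_default_context()
        conn.starttls(context=ctx)
        result["encrypted"] = True
    except ssl.SSLCertVerificationError as exc:
        # TLS is offered but the certificate does not validate. Opportunistic
        # STARTTLS would still encrypt; a DANE or MTA-STS policy would reject.
        result["error"] = f"certificate verification failed: {exc}"
    except (ssl.SSLError, smtplib.SMTPException, OSError) as exc:
        result["error"] = f"STARTTLS failed: {exc}"
    finally:
        # close() drops the socket without a QUIT round trip, which is safer
        # after a half-finished TLS handshake.
        conn.close()
    return result


if __name__ == "__main__":
    import sys
    # "mail.example.com" is a placeholder; pass a real MX host as argv[1].
    target = sys.argv[1] if len(sys.argv) > 1 else "mail.example.com"
    print(check_starttls(target))
```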

Researchers at Carnegie Mellon University published a paper in 1999 showing that most people couldn't figure out how to sign and encrypt messages using the then-current version of PGP.[13]

Eight years later, another group of Carnegie Mellon researchers published a follow-up paper saying that, although a newer version of PGP made it easy to decrypt messages, most people still struggled with encrypting and signing messages, finding and verifying other people's public encryption keys, and sharing their own keys.

Instead of relying on voluntary co-operation, automated encryption, based on defined policies, takes the decision and the process out of the users' hands.[15]

If the recipient works at an organization that uses the same encryption gateway appliance, emails are automatically decrypted, making the process transparent to the user.

Recipients who are not behind an encryption gateway then need to take an extra step: either obtaining the public key or logging into an online portal to retrieve the message.