Update Aug 9, 2013: The biggest German email providers are currently running a big marketing campaign and promise secure email. They are using the same technique described on this page. After checking my logs, I can confirm that GMX-emails were delivered unencrypted on Aug 5, but arrived encrypted on Aug 6.
Thanks to Mr. Snowden, we know two important facts about the world of security and email:
First, most governments in the world will eavesdrop and store your communication, if they get the chance. They don’t have a specific reason and the benefits are highly disputed.
Second, your users can’t/won’t use PGP or S/MIME to encrypt their email.
The job is left to admins. We need to maximize usability and compatibility, while ensuring that user data stays confidential. If you are running Postfix, I’d like to draw your attention to some useful settings that will protect your user’s email in transit. If emails stay on the same server or the other server is secured as well, there is little chance to intercept messages on a big scale. If your users are sending emails to Gmail or Hotmail, then interception is still possible at the receiving end.
Figure 1: Vulnerability of email-messages in transit.