There are two important things to be aware of when using SSL to secure email.
Caveat One. SSL does an excellent job protecting your data while it travels between application doorways, but its protection ends there - at the doorway. SSL does not protect data in either application, only on its path between them. For example, someone who obtains your email account and password may still be able to access your messages on the server, although it should be noted that SSL client authentication, if employed, might make this impossible. Also, since SSL protects passwords as they are sent across the network, they are virtually impossible to intercept, at least during the encrypted conversation between the client and server.Caveat Two. As an email message travels across the Internet it will pass through one or more SMTP servers. For example, if you are at a.com and sending mail to someone at b.com, your message will normally go to the a.com SMTP server first. The a.com SMTP server will then contact the b.com server and relay the message to it. If your client application and the a.com SMTP server both support SSL, your client will be able to send secure mail to the a.com server. However if the b.com server does not support SSL, the a.com server may send the message to the b.com server without encryption. There may be many servers involved with the delivery of a message, and unless they are all under your control, it will be impossible to ensure that your message is delivered via SSL along the entire path. Also important to note is that if the recipient's mail client application does not support SSL, your message will be retrieved without SSL protection no matter what.