Infomaniak claims to use TLS, but
The first link in the TLS chain is executed via a purely internal network by the webmail and Smtp servers and is not available in TLS for performance reasons.
is this normal, acceptable, irrelevant, standard, a red flag?
they are the biggest hosting provider of Switzerland, so I somehow have a hard time believing, they lack resources to implement TLS right.
The gain would be that an attacker having a foothold on the internal network (by having a physical access or hacking a device on it) would be able to sniff and modify outgoing emails.
I’m a bit sceptical about the performance claim on modern hardware.
That said it’s not a completely unreasonable tradeoff.
If an attacker is already inside and has access to a server, they have bigger problems to worry about.
deleted by creator