However, if Let‘s encrypt were to support S/MIME certificates, it would have a far greater impact. Since a few years, we have an almost comical situation with email encryption: Finally, most important mail user agents (aka mail clients) support S/MIME encryption out of the box. But you need a certificate from a CA to have a smooth user experience, just like with the web. However, all CAs that offer free trustworthy¹ S/MIME certificates with a duration of a year or more² have disappeared. The result: No private entities are using email encryption.
(PGP remains unused outside of geek circles because it is too awkward to use.)
Let‘s encrypt our emails!
¹ A certificate isn‘t trustworthy if the CA generates the secret key for you.
² With S/MIME you need to keep your old certificates around to decrypt old mails, so having a new one frequently is not practical