haha - knowing some of the Readify guys to be very skilled your judgment might not be 100% founded, but i have definitely experienced the "pockets" of which you speak.

Lol - agreed, although send grid is more my favourite especially for small sites where the free account that allows for 200 emails usually covers you

lol - thats what happens when you get a developer to design a site.

its on the never ending list of todo's thats for sure

interesting you've found that about BES - link?

EDIT: It's mostly about BIS; BES servers can actually implement end-to-end, if they're IT department enables the S/MIME module and create, distribute and teach users how to use PKI certificates. But if you're not doing that, you're not really protected.

This[1] document from the Communications Security Establishment of Canada explains it well. Citing:

    PIN-to-PIN transmission security: PIN-to-PIN is not suitable for exchanging 
    sensitive messages. Although PIN-to-PIN messages are encrypted using 
    Triple-DES, the key used is a global cryptographic “key” that is common to 
    every BlackBerry device all over the world. This means any BlackBerry device 
    can potentially decrypt all PIN-to-PIN messages sent by any other BlackBerry 
    device, if the messages can be intercepted and the destination PIN spoofed. 
    Further, unfriendly third parties who know the key could potentially use it to 
    decrypt messages captured over the air. Note that the “BlackBerry Solution 
    Security Technical Overview” document published by RIM specifically 
    advises users to “consider PIN messages as scrambled, not encrypted”. 

[1]: http://www.cse-cst.gc.ca/its-sti/publications/itsb-bsti/itsb...