
The words of Steve Furlong:

-- begin quote --
I've been trying to find evidence of this, too. I've sent messages to self from several versions of Netscape Messenger on Windows and FreeBSD, then examined the headers.
-- end quote --

You're looking in the wrong place. The "help fields" would be somewhere in the SSL tunnel setup. That's where the Wells Fargo case came to light. Suddenly one day, the banking site required me to "upgrade" my browser, allegedly because of an expired certificate. As others have mentioned, simply upgrading the cert itself didn't satisfy the site.

So ostensibly, the NSA, et al., have a bit of assistance in cracking the 128-bit SSL session. You may recall a few years ago when the information lifetime of 40-bit SSL fell somewhere below 3 hours, given access to enough parallel CPU (like a college workstation farm). Moore's Law hasn't slowed down. I'd be surprised if 40-bit could stand much more than an hour of dedicated attack today, if even that. And these rumored "help fields" could easily reduce the keyspace far below 40 bits, if they don't simply expose the whole key to a knowledgeable eavesdropper.

"They" don't care much about your email... "they" want your bank balance and credit card numbers.