E-mail notifications often contain the before and after images of an edit to a page in their notification update to subscribed watchers. These notifications are sent over SMTP unencrypted (and are therefore insecure). If a page contains commercially sensitive information, we need a mechanism for inhibiting SMTP messages being sent for that page. We don't wish to enforce this at SPACE or SITE level because that would remove the usefulness of notifications. Could we suggest that the "Watching" functionality be enhanced such that a user can disable notifications for page content on sensitive pages, and once disabled, only a site administrator can re-enable.

Without this we cannot use Confluence for a proportion of our use-cases, and we risk the termination of Confluence as a supported platform for ISO27001 compliant work.