I take credit card payments via an online form on a secure page:
https://www.werentcolumbus.com/payment1.html

What is submitted comes to me by email.

I've been told that even though the info is entered on a Secure Page, the info is not really secure while it's on it's way to me by email.

OK, that makes sense.

... so when I email the person a receipt, I always erase the first part of their credit card number so only the last 4 shows.

But considering the fact that I am sometimes emailed very sensitive things (like username and password to webhosting accounts, etc.) then it seems to me that this means either
1. Info sent by email is really pretty secure, or
2. My web host (and others who email sensitive info) has a dangerous practice in emailing this type of info.

... so what's the bottom line?: How secure is info contained in an email?

It depends on who's looking. That unecrypted mail is pretty much open to anyone who wants to look. The question is who really wants to look. The problem is, for someone to look, they either have to capture tons of mail and sift through them or put a tap on your mail specifically. So the issue isn't one of not being able to read mail, but one of being able to read specific mails. The sheer volume of e-mail pretty much precludes anyone without the resources of a government from getting info from your mail, except by accident.

I use Outlook Express and have "Encrypt contents and attachments for all outgoing messages" checked - with 168bits as the Advanced option.

... so does that help affirm what you're saying even more?

If you have encryption on, then it makes it even harder to find usuable info in the billions of data packets.