This is my belief as well. A few years ago I worked for a company that sold packet capture appliances to unnamed government agencies. The higher end appliances were capable of 10Gb/s packet to disk streaming. I helped write a search interface for the resulting data capable of the type of filtering and data reconstruction described. If organizations directly, indirectly, knowingly or unknowingly allowed the NSA to tap Internet links, they could theoretically provide full data access, while at the same time publicly deny direct server or backdoor access.
When I left they hadn't worked it out, only plaintext artifacts could be extracted. There was discussion of server plugins to intercept and store SSL keys and later use those to decrypt data, but this would require endpoint access and complex interaction back to the appliance. However, in the case of email, although you might utilize encrypted protocols to send/receive, a direct or indirect recipient might not, so at some point the message may cross the wire in plaintext.
For a government agency like the NSA, that's easily accomplished by a man-in-the-middle attack. They can almost certainly convince multiple US-based certificate authorities to give them a certificate that will be included in the default set of trusted certificates by all mainstream browsers. They would only have problems with the very small number of people who are both paranoid and tech-savvy enough to change the certificates that there browser trusts.
Chrome, at least, has certificate pinning for Google properties (and perhaps some other big sites?), which prevent the use of a different but otherwise valid certificate from a trusted CA.
