From what I can tell, it would appear that this system is still vulnerable to some level of traffic analysis. Last I checked the messages are identical as they are sent around the network, so it should be possible to observe the origin of a message by observing the first node to transmit that binary string. A similar approach could be used to identify receivers if the acknowledge messages are enabled. While this doesn't get you the content of the messages it does leak some information about the sender and receiver which bitmessage should be hiding. This level of traffic analysis might seem unrealistic, but there doesn't seem to be a good way to detect 'evil' clients which could watch a large portion of the total network without too much resources (in theory).
There are some recommendations on the other forums about using tor to make this information less useful, but that is not what the system uses by default.
All users receive all messages. The only sort of traffic analysis you can do with this is to harvest all of the peers. You have no idea who is sending messages to whom.
Well if you can get a handful of nodes between the sender and receiver you can start to narrow down on which peers are sending what to whom. This is partly the same sort of traffic analysis that is use against TOR.
Unless I'm mistaken if you can see all the traffic a sender can be identified by being the first node to produce a set cyphertext. As the delays seem to be fairly short for the acknowledge messages, there is some chance that the receiver can be identified in a similar way.
eg
node A broadcasts C1 which has not been observed before
nodes B,C,D propagate the cyphertext C1
node D broadcasts C2 shortly after receiving C1
nodes A,B,C propagate C2
etc
Of course seeing this pattern in practice might be hard, but it still seems like a possible attack vector given the current system.
There are some recommendations on the other forums about using tor to make this information less useful, but that is not what the system uses by default.