How To Send Signed & Encrypted Email With Evolution [Linux]

Ads by Google

send encrypted emailIn today’s technological world, sending encrypted messages between people has become an increasing standard. For web browsers, this has turned into a common practice, as SSL connections are constantly being used for banks and other sites that often transmit sensitive data. However, this practice has not been widely adopted for email communications, which is still a prime means of communication, contrary to popular belief. Yes, social media sites are a new way to communicate, but emails are still dominant. In order to secure your email communications, you need to sign and/or encrypt your emails.

In Linux, this is an easy task to accomplish, thanks to the presence of an easy-to-use key-generation program and a capable email client. Evolution, the default email client for the GNOME desktop, is a very capable contender to Thunderbird. For GNOME users, Evolution offers the desktop integration (for both GNOME 2 and GNOME 3 (other article)) that Thunderbird cannot offer by default. So for some it may be advantageous to use Evolution.

Preconditions

In order to be able to sign and encrypt your email, you will need to create your own key set. For instructions on that, you can read one of our other articles that covers the topic. Signing your email only requires your own key, while encrypting your email requires that both you and the recipient have each others’ public key. Remember, you use the private key to encrypt, others use your public key to decrypt.

Ads by Google

Setup

To get started, open up Evolution and go to your Preferences in the Edit menu. Double click on the account you want to enable PGP Security and go to the Security tab. In there, you’ll be able to enter the Key ID of your key set so that Evolution knows which key to grab when you write with a certain email address. Remember, you can have multiple email addresses on the same key, which is recommended to avoid confusion. Ideally a person should use one key, or two if they want to separate personal from business. If you wish, you can also set the defaults below, whether you would like to have certain options enabled each time to write a new message.

send encrypted email

Further Info

That’s all you have to do to set it up. When you write a new message, you can change the options that you have set my default in the Options menu, so if you don’t encrypt your email by default (as you probably don’t have a key from everyone you send an email to), you can still enable it for that specific message.

how to encrypt email

If, let’s say, the person receiving the message is also using Evolution, he or she will see a message like this:

send encrypted email

You see a message like above (“Signature exists, but need public key”), that means that the message is signed, but you have not imported the public key of the person who sent it. This can be done in the program that handles keys.

Encrypted messages won’t have a specific message, but will be decrypted on-the-fly provided that all the keys needed are available.

Conclusion

Protecting your email communications is a great thing to do in a world where almost anything unencrypted can be sniffed. However, not only do PGP keys help encrypt email, but they can also simply sign email so that you can verify that the email truly came from the party they claim to be. Doing that can often times be enough to feel safe about the emails you receive. Why companies that are constantly used in scams, such as banks and PayPal, aren’t using it to prove that the emails actually came from them, I do not know.

Do you think PGP signing/encryption is or will soon be a necessary security step? Are you already following this practice or will be in the future? Let us know in the comments!

Image Credit: Shutterstock

Ads by Google

4 Comments - Write a Comment

Reply

Anders

It is quite easy to use S/MIME instead of PGP.  You just need a Certificate, which is easy to get for private persons.  There are two sollutions for private persons that are free.

* CA Cert Org OSS type Certificate (not in all clients) https://www.cacert.org/
* StartComs StartSSL™ PKI (in all clients and computers)  http://www.startssl.com/

Use whichever you want.  CA Cert is a community driven Certificate CA, and StartSSL is a company with good low cost certificates.  StartSSL also allow you to use your certificate with OpenID to login securly, without using any passwords sent to server.  Which is really good.

In both you just sign in with Firefox (or Iceweisel) and when you have registred, you get a Certificat loaded into your Web Browser.  You *must* make a security copy of that, because if you loose that one, you can’t log back into the services.

So Edit -> Settings   and  Advanced -> Encryptions -> Show certificates and Your Certificates.
There you mark your Certificate and make a Backup of it.  Use good passwords.

The file (end with .p12) can then be used to put the certificate into other programs, like Evolution to sign or encrypt your messages with S/MIME.  Notice that it has both your public AND private keys there, so be careful with it!

Happy secure communication!

Anders

Danny Stieben

That’s very interesting. What are the advantages of S/MIME over PGP?

Reply

Tom

Nice article… Loved it…

But if the recipient is using some other program like Outlook, is there any way to read the mail? 

Danny Stieben

I’m pretty sure that PGP exists for Linux, so as long as there is a plugin that you can install for Outlook to use PGP, then yes. But by default, probably not.

^^That’s if the email is encrypted, and not just signed. If it’s just signed, then it’ll be fine.

Your comment