It's not nice to think that other people might be reading through your private emails, but it's an unfortunate fact of life that they can. Here's how you can send encrypted emails on Linux with Evolution.

Your Emails Aren’t as Private as You Think

sneaky looking boy reading a letter by torch

It's difficult to have an honest conversation when you know that other people may be listening in, and you wouldn't hold the same conversations in public that you might in private.

While encrypted connections have become standard on the web, these are only effective at preventing man-in-the-middle attacks on traffic in transit. The messages you send via email are, in most cases, easily read by your email provider while they're sitting, at rest, on the server.

If you run your own email server, the provider is you. For most people, the tens of thousands of communications in your inbox are exposed to Google—a surveillance advertising corporation that, according to CNN, only stopped scanning emails for advertising purposes in 2017, and according to The Guardian, still scans your emails for a variety of other reasons.

Even if you fully embrace the advertising economy having access to your communications, and are in love with Gmail's smart features, you need to consider the danger presented by rogue employees. In 2019, for instance, the Department of Justice reported that Yahoo software engineer, Reyes Daniel Ruiz, had used his privileged access to download terabytes of personal images and videos from email accounts.

As if that wasn't enough, Google also maintains an easy-to-use web portal for law enforcement agencies to request your data—including emails.

By encrypting your emails, you can ensure that they won't be scanned to better serve you ads, you won't have your pictures stolen by unscrupulous techs, and the police won't be poring over your plans for the weekend.

Unfortunately, you'll lose access to smart features such as smart replies and AI-generated text. In our opinion, it's a sacrifice worth making.

PGP Lets You Send and Receive Emails Confidentially

dead postbox in a dry landscape

PGP (Pretty Good Privacy) is one of several email security protocols and lets anyone send you encrypted emails, which means that you're the only person who can open them. It does this by generating two keys—the first is the public key that you can and should publish in your email signature, and anywhere you have a web presence. You should also encourage your friends and colleagues to use it whenever they send an email to you.

The second key is the private key, and only this key can decrypt messages encrypted with the public key.

Used together, and provided you keep your private key private, your emails are almost certain to remain confidential.

Turn On IMAP in Gmail

While we're aware that other email providers exist, Gmail is easily the most popular worldwide. To use Gmail with an email client such as Evolution, you first need to enable IMAP from within Gmail.

From the main Gmail interface, click the gear icon in the top right of the screen to open the settings menu. Click Settings > Forwarding and POP/IMAP. Check off the Enable IMAP radio button, then Save changes.

enable imap in gmail

Configure Evolution to Work With Your Email Service

Evolution is one of the best email clients for Linux, and if it doesn't come preinstalled with your distro, you can easily install it from the default repositories.

Open Evolution from your system menu, and complete the wizard. Enter your email address, and click Next. Evolution should automatically fill in the IMAP and SMTP settings for your email provider. After you click Apply, you will have to sign into your email account and authorize Evolution.

You can now send and receive emails using Evolution.

Send and Receive PGP-Encrypted Email From Your Linux Desktop

To send PGP encrypted emails with Evolution, you first need to generate encryption keys with Seahorse. While Seahorse comes built into GNOME, it's available in the Arch User Repository (AUR), or if you have Flatpak enabled, you can also install Seahorse with:

        flatpak install flathub org.gnome.seahorse.Application
    

With your PGP keys generated, open Seahorse again, double-click on the key you want to use, and on the next screen, copy the key ID to your clipboard.

seahorse find key id

In Evolution, click the hamburger icon in the top right, then Edit > Preferences. Click on the account for which you want to enable PGP and press Edit.

Locate the Security entry, and click it to open a new menu.

Paste your PGP key into the OpenPGP Key ID field, then select the options you want to use.

If you choose to always sign the messages you send, you'll need to enter your passphrase for each email you send, and the recipient will see that it's an OpenPGP-signed message and be able to verify that it's from you.

evolution open pgp options

To send encrypted messages using someone else's public key you must first import it.

In Seahorse, click the hamburger icon, then Find Remote Keys. Type in the recipient's name or email address then press Enter, and select the correct entry from the list. Click the Import button to import the public key into Seahorse.

Back in Evolution, compose your email, then click the menu icon, then Options > PGP Encrypt.

choose to encrpt email in evolution

When you press Send, the message will be sent to the receiver. To anyone without the corresponding private key, the message will appear as jumbled garbage.

pgp encrypted mail appears as garbage in snappymail

If you try to send a PGP-encrypted message to an email address for which you haven't imported the public key, this process will fail.

Evolution will automatically decrypt any properly PGP-encrypted messages sent to you.

PGP Encryption on Linux Is Easy With Seahorse and Evolution

Encryption doesn't have to be difficult, and it's important to take responsibility for your data security, as well as encourage others to do the same.

Try and get into the habit of encrypting all your communications, and don't rely on third-party messenger and email providers to keep your messages private.