How To Send Signed & Encrypted Email With Evolution [Linux]

Danny Stieben 06-06-2011

<firstimage=”//” />send encrypted emailIn today’s technological world, sending encrypted messages between people has become an increasing standard. For web browsers, this has turned into a common practice, as SSL connections are constantly being used for banks and other sites that often transmit sensitive data. However, this practice has not been widely adopted for email communications, which is still a prime means of communication, contrary to popular belief. Yes, social media sites are a new way to communicate, but emails are still dominant. In order to secure your email communications, you need to sign and/or encrypt your emails.


In Linux, this is an easy task to accomplish, thanks to the presence of an easy-to-use key-generation program and a capable email client. Evolution, the default email client for the GNOME desktop, is a very capable contender to Thunderbird. For GNOME users, Evolution offers the desktop integration (for both GNOME 2 and GNOME 3 GNOME 3 Beta - Welcome To Your New Linux Desktop Read More (other article Fedora 15 - Bringing You The Latest In Linux It's another great day in the world of Linux. Fedora 15 was finally released yesterday, and this new release brings a massive amount of changes compared to Fedora 14. In fact, there's so many changes... Read More )) that Thunderbird cannot offer by default. So for some it may be advantageous to use Evolution.


In order to be able to sign and encrypt your email, you will need to create your own key set. For instructions on that, you can read one of our other articles that covers the topic How To Do Encryption, Decryption & Signing Easily With Seahorse [Linux] Learn more about security and encryption using Seahorse in Linux. Read More . Signing your email only requires your own key, while encrypting your email requires that both you and the recipient have each others’ public key. Remember, you use the private key to encrypt, others use your public key to decrypt.


To get started, open up Evolution and go to your Preferences in the Edit menu. Double click on the account you want to enable PGP Security and go to the Security tab. In there, you’ll be able to enter the Key ID of your key set so that Evolution knows which key to grab when you write with a certain email address. Remember, you can have multiple email addresses on the same key, which is recommended to avoid confusion. Ideally a person should use one key, or two if they want to separate personal from business. If you wish, you can also set the defaults below, whether you would like to have certain options enabled each time to write a new message.

send encrypted email

Further Info

That’s all you have to do to set it up. When you write a new message, you can change the options that you have set my default in the Options menu, so if you don’t encrypt your email by default (as you probably don’t have a key from everyone you send an email to), you can still enable it for that specific message.


how to encrypt email

If, let’s say, the person receiving the message is also using Evolution, he or she will see a message like this:

send encrypted email

You see a message like above (“Signature exists, but need public key”), that means that the message is signed, but you have not imported the public key of the person who sent it. This can be done in the program that handles keys.


Encrypted messages won’t have a specific message, but will be decrypted on-the-fly provided that all the keys needed are available.


Protecting your email communications is a great thing to do in a world where almost anything unencrypted can be sniffed. However, not only do PGP keys help encrypt email, but they can also simply sign email so that you can verify that the email truly came from the party they claim to be. Doing that can often times be enough to feel safe about the emails you receive. Why companies that are constantly used in scams, such as banks and PayPal, aren’t using it to prove that the emails actually came from them, I do not know.

Do you think PGP signing/encryption is or will soon be a necessary security step? Are you already following this practice or will be in the future? Let us know in the comments!

Image Credit: Shutterstock


Related topics: Desktop Email Client, Email Tips, Encryption, GNOME Shell.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. De Benny
    July 8, 2016 at 8:11 pm

    Is there a chance to not only encrypt Mails in "sent" folder, but also drafts? Like when you use IMAP and don't want the server owner to read the darfts of to be encrypted E-Mail?

  2. Alexboss
    May 6, 2015 at 10:16 am

    The article says: "Remember, you use the private key to encrypt, others use your public key to decrypt."

    Shouldn't it be: Remember, you use the private key to decrypt, others use your public key to encrypt.

  3. Tom
    June 8, 2011 at 6:13 am

    Nice article... Loved it...

    But if the recipient is using some other program like Outlook, is there any way to read the mail? 

    • Danny Stieben
      June 19, 2011 at 6:04 am

      I'm pretty sure that PGP exists for Linux, so as long as there is a plugin that you can install for Outlook to use PGP, then yes. But by default, probably not.

      ^^That's if the email is encrypted, and not just signed. If it's just signed, then it'll be fine.

  4. Anders
    June 7, 2011 at 9:10 pm

    It is quite easy to use S/MIME instead of PGP.  You just need a Certificate, which is easy to get for private persons.  There are two sollutions for private persons that are free.

    * CA Cert Org OSS type Certificate (not in all clients)
    * StartComs StartSSL™ PKI (in all clients and computers)

    Use whichever you want.  CA Cert is a community driven Certificate CA, and StartSSL is a company with good low cost certificates.  StartSSL also allow you to use your certificate with OpenID to login securly, without using any passwords sent to server.  Which is really good.

    In both you just sign in with Firefox (or Iceweisel) and when you have registred, you get a Certificat loaded into your Web Browser.  You *must* make a security copy of that, because if you loose that one, you can't log back into the services.

    So Edit -> Settings   and  Advanced -> Encryptions -> Show certificates and Your Certificates.
    There you mark your Certificate and make a Backup of it.  Use good passwords.

    The file (end with .p12) can then be used to put the certificate into other programs, like Evolution to sign or encrypt your messages with S/MIME.  Notice that it has both your public AND private keys there, so be careful with it!

    Happy secure communication!


    • Danny Stieben
      June 19, 2011 at 6:03 am

      That's very interesting. What are the advantages of S/MIME over PGP?