Encrypting Email with KMail, Mozilla Thunderbird, and Evolution
LOCK AND KEY
The leading email applications include new features for helping users secure and authenticate their mail messages, but each tool has a different approach to handling tasks such as signing and encryption. This article describes how to add encryption and digital signatures to the Thunderbird, Kmail, and Evolution mail clients.
Spoofers have an easier time on the Internet than anywhere else. There’s no need to forge a signature to dispatch mail under someone else’s name; all you need is a spoofed entry in the From header. The mail protocol does not provide any kind of protection against this kind of manipulation. If you want the people you write to to be able to rely on the authenticity of your messages, you should get into the habit of signing your email messages. The same thing applies to encryption: or would you really want a curious mail server admin reading your letters? Anyone with access to one of the computers that relays mail between your outbox and the destination could theoretically read your messages. GNU Privacy Guard (GnuPG) [1] is a program that protects your messages against monitoring and manipulation. GnuPG is a cryptographic system that uses asymmetric keys. For the user, this means having two keys, a private key and a public key, which are generated as a key pair. The passwordprotected private key is kept secret.