Choosing an email reader for encryption
Off the Beat: Bruce Byfield's Blog
Most modern email readers support encryption, but that's only half the story. Despite the growing public interest in security and privacy, most readers are still designed on the principle that if you want encryption, you will have no trouble figuring how to configure it.
To say the least, this is an ungrounded assumption. All too often, poor documentation and interface design, as well as complicated procedures conspire to keep encrypted email out of the reach of all but the expert or patient few. A little research may tell you that you need a PGP public key, but how easy is it to made your email reader aware of the key?
Here's how seven of the most popular email readers on Linux answer that question. The answer should be obvious, but rarely is:
Alpine
Alpine is the latest incarnation of Pine, the ancient email browser. To a desktop user, Alpine is as complicated to configure as most of the other major options.
However, if you are at home at the command line, the technique seems natural: add your public key to your ~/.pinerc file.
Claws-Mail
Claws Mail is mostly easy to use. But as so often happens, encrypted email is an exception. You need to install and enable the PGP/Core, PGP/Inline and PGP/Mime plugins.
And how do you install plugins? Not by scanning the Claws Mail manual, which doesn't mention the subject, but by hunting down the Claws Mail FAQ online. Simple -- so long as you're willing to investigate.
Evolution
GNOME's Evolution includes encryption choices in the Options menu of the Compose Message window. Selected options remain in force until toggled again, so be careful not to send an encrypted message when you intend to send one in clear.
Evolution will indicate problems, such as the lack of a key. Sadly, though, the interface gives no hint of how to configure encryption, and, in several major distributions, includes no online help. If you know about Evolution's manual, you will find concise and clear procedures for setup, but if you don't, it takes persistence and luck to stumble across the configuration options buried several levels down on the Security tab for your account.
Geary
Geary is a new email reader from the Yorba Foundation, the makers of the Shotwell photo manager. Unfortunately, it is still in beta, and does not currently support message encryption. Jim Nelson, Yorba's executive director, says that "this is something we would like to include, but can't make a definitive statement when it will be available."
However, Nelson does express how he thinks email encryption should operate. Many other implementations, he says, "seem little more than GUI representations of the arguments one would pass to a command line tool. We think a modern client should offer a straightforward keyring manager, a checkbox interface for encrypting a message, and a prominent indicator when a received message is properly (or improperly) signed" -- a vision that would put Geary well ahead of most email readers if implemented.
KMail
KMail, KDE's main email reader, provides full support for encrypted email. However, the menu items for configuration are scattered all around. Some are on the Encryption tab under Identities, others on the Composing and Miscellaneous tabs under Security. Nor does the verbosity of the online help or its arrangement by menu item provide an adequate explanation of which options are required and which are optional.
Granted, once encryption is set up, encryption in KMail is only a single click away. But reaching that point can be frustrating to users new to the concepts.
Sylpheed
At first, Sylpheed is puzzling. A popular, light-weight email browser, Sylpheed includes PGP Sign and PGP Encrypt options in the compost window, but searching the menus gives no hint of how to configure it for encryption.
The truth is so simple that overlooking it is understandable: if you create any keys, Sylpheed automatically detects them and displays them for selection just before sending the message. If Sylpheed would only mention this setup somewhere, it would be the encryption solution of choice among the major email readers.
Thunderbird
As installed, Mozilla's Thunderbird (or Icedove, as it is known in Debian) has no email encryption. However, you can add the Enigmail extension, which adds the functionality.
Enigmail does many things right. It offers a wizard that educates you while guiding you through the process of generating private and public keys, and adds an OpenPGP menu to the Write window.
Enigmail does have some weaknesses. It assumes some PGP options, and the menu items it adds are poorly worded and potentially baffling to users new to encryption. It is also extremely slow at generating keys. However, currently, it is a reasonable choice for configuring and using encryptions graphically -- which is no doubt why the Free Software Foundation centers its campaign to promote encryption upon it.
Making a Choice
At some point in the next few years, encryption will be as simple as a spell-check. Perhaps Geary will be the email browser to provide that solution.
Meanwhile, encryption remains a non-standard feature -- under-documented, with options hard to find and poorly worded. For now, Thunderbird and Enigmail seems the best choice for new users, although the simplicity of Sylpheed is very nearly there. But, even with these choices, easy encryption is still a release or two away, if not several.
comments powered by DisqusSubscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters
Support Our Work
Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.
News
-
ESET Discovers New Linux Malware
WolfsBane is an all-in-one malware that has hit the Linux operating system and includes a dropper, a launcher, and a backdoor.
-
New Linux Kernel Patch Allows Forcing a CPU Mitigation
Even when CPU mitigations can consume precious CPU cycles, it might not be a bad idea to allow users to enable them, even if your machine isn't vulnerable.
-
Red Hat Enterprise Linux 9.5 Released
Notify your friends, loved ones, and colleagues that the latest version of RHEL is available with plenty of enhancements.
-
Linux Sees Massive Performance Increase from a Single Line of Code
With one line of code, Intel was able to increase the performance of the Linux kernel by 4,000 percent.
-
Fedora KDE Approved as an Official Spin
If you prefer the Plasma desktop environment and the Fedora distribution, you're in luck because there's now an official spin that is listed on the same level as the Fedora Workstation edition.
-
New Steam Client Ups the Ante for Linux
The latest release from Steam has some pretty cool tricks up its sleeve.
-
Gnome OS Transitioning Toward a General-Purpose Distro
If you're looking for the perfectly vanilla take on the Gnome desktop, Gnome OS might be for you.
-
Fedora 41 Released with New Features
If you're a Fedora fan or just looking for a Linux distribution to help you migrate from Windows, Fedora 41 might be just the ticket.
-
AlmaLinux OS Kitten 10 Gives Power Users a Sneak Preview
If you're looking to kick the tires of AlmaLinux's upstream version, the developers have a purrfect solution.
-
Gnome 47.1 Released with a Few Fixes
The latest release of the Gnome desktop is all about fixing a few nagging issues and not about bringing new features into the mix.