Background

I’ve used gmail for over a year, and the 2.5+ GB of space is nice. Unfortunately the web interface for Gmail doesn’t support encryption*. Thunderbird and the Enigmail extension can be combined with GPG to fix this problem. I selected the portable version of Thunderbird so that I could use one instance of Thunderbird on my desktop and laptop by bringing along a USB drive, but you can use the standard version if you prefer.

Step 1: Get a Gmail Account

If you don’t already have a gmail account you will need to get one, which you can go at gmail.com

You could use also any other email system that supports POP and SMTP access, but I’m partial to Gmail, and I like the fact that they only allow SSL secured access to the mail server if you use POP and SMTP instead of the webmail front end. Obviously, if you don’t use Gmail then the server address, ports, and security settings may vary.

Step 2: Install GPG

If you don’t already have GPG installed, then Download GPG and install it. If you are not familiar with GPG, there is a how-to guide for gpg located here.

Step 3: Install Thunderbird and Enigmail

The portable version of Thunderbird, which runs out of a single folder, is available here. Download and unzip it, then download the Enigmail extension.

Next, open Thunderbird and select the ‘Tools’ menu, and then ‘extensions’. Click the ‘Install’ button and locate the Enigmail extension file you downloaded. Close and restart Thunderbird.

Step 4: Configuration

The next final step is to configure Thunderbird to work with gmail. Below are the server settings that Google provides that you will need to configure in Thunderbird:

Incoming Mail (POP3) Server - requires SSL: pop.gmail.com
Use SSL: Yes

Outgoing Mail (SMTP) Server - requires TLS: smtp.gmail.com (use authentication)
Use Authentication: Yes
Use STARTTLS: Yes (some clients call this SSL)
Account Name: your Gmail username (including ‘@gmail.com’)
Email Address: your full Gmail email address (username@gmail.com)
Password: your Gmail password

Using Thunderbird with the Enigmail plugin is rather simple - when you compose mail there is the ‘Open PGP’ button/menu which allows you to select if the email is to be encrypted and/or signed. When you receive email, it is automatically decrypted and the signature is verified. If you need further help, there is a guide here. Hopefully this guide was helpful. If anything is unclear or you have any questions, feel free to contact me.

* Note: The FireGPG plugin would allow GPG to be used within Firefox, however this is less secure as many webmail providers will save (unencrypted) drafts of the messages you are composing. I prefer the Thunderbird + Enigmail approach, but the FireGPG option is included for the sake of being thorough. Thanks go to John Moore for persuading me to include this option here.

No tags for this post.

Related posts

  • No related posts.