DIY Encrypted Email 4: In Practice

DIY Encrypted Email Thunderbird GPG and Enigmail

In Part I of this series we discussed the principles of rolling your own encrypted email.  Part II and Part III covered the installation and setup of the applications needed to make this happen.  Today we will begin talking about how to actually use all this “stuff”.  Installing the programs are the easiest parts of this process, but using it isn’t as daunting as it was just a few years ago.  Hopefully you have been using Thunderbird over the past week and have some comfort level with it. To begin using it to send and receive encrypted email, you will need someone to practice with.  This is a good reason and a good strategy to encourage others to use encryption!

***If you need someone with whom to work on these skills I am happy to send you my public key and respond to your emails.  Reach out to me via the contact page and I will do my best to respond in a timely manner.  Please keep in mind I am extremely busy with work for the next few weeks, so my responses will be limited to the early mornings and evenings.***


The first step in sending encrypted email using this setup is key exchange.  This requires that you share keys with another participant.  To share a key with another person, compose an email to him or her by clicking “Write” (indicated by the red arrow).

Encrypted EmailWhen the compose pane appears, enter your recipient’s address.  Fill in the subject line (if desired) and the body of the message.  To transmit the public key click the “Attach My Public Key” button (indicated by the red arrow).

Encyrpted EmailSending your public key is only half of the equation.  Your correspondent will have to send his or her public key to you.  When you receive a public key you will have to import it. To do so, double-click on the attachment.  You should see a pop-up from Enigmail prompting you to import it.  Click “Import”.

Encrypted EmailYou will be asked to confirm this decision.

Encrypted EmailYou have now successfully exchanged keys.  At this point you can begin sending encrypted email.  After key exchange is complete, the rest of the process is fairly painless.  To send your first encrypted email click the “Write” or “Reply” button.  When sending an email to recipient for whom you possess a valid public key, the message will be automatically encrypted.

Encrypted Email 5When you receive a reply that has been encrypted with your public key, you will be required to enter your password.

Encrypted EmailUpon entering your password the message will be decrypted.

Encrypted Email

At this point you should be exchanging encrypted email with relative comfort.  In the fifth and final part of this series we will cover some advanced topics, like key management and per-recipient rules.

If you enjoyed this article and would like exclusive content, sign up for the Operational-Security Newsletter.

Leave a Reply