Encrypting email in Evolution
Evolution is an outstanding groupware suite with one of the finest email clients in all of Linux-land. For many users the standard email setup is great. It does everything they need: it sends and receives email (even HTML email if you so desire). But for others a little extra is needed...especially in the form of security. One way to secure your emails is to add a layer of encryption to them. This can be in the form of a simple signature or as much as a fully signed and encrypted email. Believe it or not, this is quite simple with the Evolution email client.
In this article I am going to show you how to take your encryption key and add it to your outgoing mail with Evolution. I will show you how to set up both signing and encrypting of email.
If you do not already have a key, I highly recommend you use Seahorse to create one. For more information on Seahorse you can read my article "Create, sign, and publish your PGP key with Seahorse". When you create that key you will do so with a name associated with it. You will use that name for Evolution. If you don't remember the name you used you can see it by opening up Seahorse, clicking on the My Personal Keys tab, and see the name as listed.
Once you have that key you are ready to set up Evolution.
Once in Evolution click on Edit > Preferences. From the Preferences window select the account you want to associate the key with and click Edit.
In this tab you will see a section where you can enter your PGP/GPG ID. This is where you enter your name from you key (see Figure 1). Once you've done this, you have a few options to choose:
- Always sign outgoing messages: This means all outgoing messages (new messages, replies, forwards) will have your PGP/GPG signature attached.
- Do not sign meeting requests: Probably a good idea if you are going to using Evolution inside a company where others use Outlook - otherwise Outlook will see this as an attachment and add it to the invitation.
- Always encrypt to myself when sending encrypted messages: This will send an encrypted copy of the email to yourself when.
- Always trust keys in my keyring when encrypting: If you know your keys in your keyring are valid you can select this which will allow Evolution to skip the keyring check of those keys.
Once you have all of this set up, you are ready to go.
Sending signed and/or encrypted mail
When you create an email in evolution you will notice a Security menu in the menu bar. When you click that you will see four entries, of which only the top two (PGP Sign and PGP Encrypt) are of interest to you now. Say you want to sign that outgoing email with your key. To do this check the check box associated with PGP Sign in the Security menu. Say you want to encrypt that email. To do that check the check box associated with PGP Encrypt in the Security menu.
You must know, however, that when attempting to send out an encrypted email, Evolution will query key servers to see if there is an associated public key with the email address. If no public key is found on a key server then you will not be able to encrypt that email. You can, however, sign all outgoing email.
If you are seriously concerned about your privacy, and you use Evolution, I highly recommend using this feature. Even if you are only signing your emails, those receiving your email will be far more secure in knowing that emailÂ definitely came from you.Advertisement
Jack, please quit it with the transparency on the screenshots. It makes the thunbnails useless, and make the full-sized image difficult to understand.
In every tutorial, everywhere, it says we need TWO keys, a PRIVATE one and a PUBLIC one.
In seahorse couldn’t find anywhere the words PUBLIC KEY.
It says it publishes your key. WHICH KEY? The private one? Why they don’t make it clear, THIS KEY IS THE PRIVATE and THAT is PUBLIC.
You just push a button and it says your key is public. WHICH KEY?
Why they create sub-key, sub-sub-sub-key and all kind of sub keys? EVERYWHERE on the Internet is all about TWO keys (PRIVATE AND PUBLIC), not sub-sub-sub and all kind of Idiot keys.
Seahorse is disappointing!
thank you for this little tutorial. i followed it, as well as the link to the seahorse set-up, and got my PGP signature key set up no problem. thanks