The enigmatic Troutgirl points at the Enigmail project which, aside from having a great name, may make some headway in getting e-mail encryption technology in front of the masses.

Enigmail is an extension to the mail client of Mozilla / Netscape and Thunderbird which allows users to access the authentication and encryption features provided by the popular GnuPG software (see screenshots). Enigmail is open source and dually-licensed under the GNU General Public License and the Mozilla Public License.

Having tried e-mail encryption of many flavors over the years, this sounds like it might just work. Integration has always been the killer. Either the system used a standard encryption tool such as PGP or now GPG, or it used a built-in system that didn't necessarily play nicely with others.

Enigmail seems to solve both of those problems.


Now, if only I could find a GUI mailer that could happily coexist with mutt (and, more importantly, my client-side Maildir e-mail storage).

Posted by jzawodn at December 05, 2004 07:53 PM

Reader Comments
# Jim said:

KMail, that comes with KDE, supports client-side Maildirs.

on December 5, 2004 08:05 PM
# David de Groot said:

Thunderbird also handles client side Maildirs. Although personally I prefer Maildirs on a separate server.

While Enigmail is good, I can't see encryption working for the masses until things like gpg are a lot easier to deal with. Engimail will handle nearly all your gpg needs, but every now and then you'll need to jump into the command line to fix something (whether it be a specific trust level on a particular key, or something else), and wham! there goes all the user friendliness.

The commercial PGP integrates well with commercial clients (eg Mail.App on MacOSX, Outlook/Outlook Express and Eudora on Windows), but not with Thunderbird/Mozilla Mail or a myriad of other mailers.

However, what the commercial version of PGP gains over GPG is basic user friendliness for the crytographically challenged.

Mind you, this is what a lot of Open Source software seems to lack. User friendliness just isn't considered, or worse still, the developers figure they're users too and it's friendly for them, so it therefore must be user-friendly. A sad and sorry synapsis but one that rings true far too often.

Well that's my 2 cents worth.

on December 5, 2004 08:40 PM
# Ryan said:

How about using IMAP? When on the go one can still ssh into the box and use mutt, but when an IMAP available client is handy then use that.

on December 5, 2004 09:20 PM
# Gregg said:

Although PGP is a proprietary tool, I've always used the 'use current window' feature which will encrypt/decrypt any ascii text. For me, this is the best feature to be added over the years. Of course, this is all from a Windows point of view.

on December 5, 2004 09:34 PM
# Jeremy Zawodny said:


You mean imap locally?

I guess I could. But it just seems so... overkill.

Than again, we're talking about a 1.3 GHz laptop.

on December 5, 2004 09:34 PM
# Ryan said:

Jeremy: Well, I have a server in my apartment using fetchmail pulling email from my pop3 servers, then delivering locally to my maildir directories. Mutt can handle the maildir folders just fine, and I can ssh into the box if no graphical email client is available.

On my laptop, I just setup thunderbird, kmail, evolution, etc to use imap+ssl to connect to my computer at home. All my email is centralized in one place. To send email, I have qmail setup with TLS+SMTP auth and use that as the outgoing server. (I never know where I will be and if there will be SMTP access.)

If you must have the email local, there is a script called offlineimap that will sync a remote imap server to your local box. It doesn't even need a local imap server; it'll store (and sync) email in a maildir directory locally.

I hope this helps.

on December 5, 2004 10:45 PM
# Stuart Langridge said:

I'll second the vote for running an IMAP server on the box. Yes, it's overkill. Yes, I don't like it either. On the other hand, it's jolly difficult to get a GUI mail client that actually accesses your mail in place as Mutt does; instead, they say that they "support" local mail spools, but they tend to do so by stealing the mail out of them and storing it away in their own personal mail store. The issue is that, in my experience, Mutt's IMAP support isn't very good; it all works OK, but it's very slow (something to do with caching folders). You'll want to check that, though, before relying on it, because it might have got better in the last 12 months or so. What I end up doing is using Thunderbird (with IMAP) when at the console, and webmail over ssh when away. This is suboptimal, but I don't like tunnelling IMAP to a remote Thunderbird; the remote Thunderbird and the local one quarrel a bit about what they want to mark as junk and so on.

on December 6, 2004 12:09 AM
# David Corking said:

The first poster suggested Kmail for use with your Maildirs.

Don't do this - the docs warn agains running Kmail on the same mail folders as mutt (I have done this and got away with it, but I won't do it again.)

Kmail is a great application but (1) don't use it with mutt on your Maildir (2) it does not PGP encrypt attachments (only the main message.)

Last time I looked at enigmail, it did not do attachments either. But I see from the project page that it now encrypts attachments. Thanks for the tip - I will be checking out Thunderbird too (but switching from mailfiles to IMAP sync'd to the client side.)


on December 6, 2004 09:42 AM
# Konrad said:

Yet another voice chiming in for an IMAP server to decouple the client from the mailstore. I also use that, quite to my personal happiness. I use three different MUA regularly (mutt, Gnus and Evolution) and just use cyrus to have the same state of my mail queue in all of them. Although it may look like overkill, it's not that bad -- I used to run my imap server on an old 68030 based amiga well enough for a single user, so it can't be that darnedly awful -- and it gets the problem solved once and for all.

on December 8, 2004 02:20 PM
# David said:

I can send encrypted mail from Thunderbird but I'm not sure how my recipient would decrypt it.

I can't seem to decrypt the email from Outlook Express.

I need to send password and user account information to regular people (not techy) so they'd need to be able to decrypt the mail easily.



on September 6, 2005 12:23 AM
# bill said:

just spent all day trying to get Enigmail/GnuPG to work with Thunderbird 0.7

...and it doesn't work...

"Enigmail: Egigmime Service not available"


on November 10, 2005 09:44 AM
Disclaimer: The opinions expressed here are mine and mine alone. My current, past, or previous employers are not responsible for what I write here, the comments left by others, or the photos I may share. If you have questions, please contact me. Also, I am not a journalist or reporter. Don't "pitch" me.


Privacy: I do not share or publish the email addresses or IP addresses of anyone posting a comment here without consent. However, I do reserve the right to remove comments that are spammy, off-topic, or otherwise unsuitable based on my comment policy. In a few cases, I may leave spammy comments but remove any URLs they contain.