Email is one of the most common activities we perform on the internet. However, email is also one of the most vulnerable internet services currently used. Email spam is common, but what most people are not aware of is that email identity theft is common as well. There is also continuous concern over the privacy and security issues surrounding the matter. However, most users dismiss security software as complex and still continue to send email messages with very little or no regard at all to security.

In this article, you’ll learn how to install, setup, and use the Mozilla Thunderbird email client for secure, encrypted email using GnuPG and the Enigmail Mozilla Thunderbird extension. The examples in this article are based on Ubuntu 5.10, but any GNU/Linux-based operating system can be used. You’ll also get to tackle the basics of using GnuPG with Enigmail—just enough to get you started, as GnuPG is a very powerful suite that can extend to other applications. If you’d like to learn more about cryptography using GnuPG, the man pages are a good place to start. Don’t worry though, GnuPG is very well documented and you’ll be presented with some links online at the end of this article to get you started.

If you’re still using Microsoft Windows, you can still apply the steps presented, but you’ll have to download and configure the Win32 counterparts of the software used.

Installing the essential applications

Assuming you’re already running Ubuntu 5.10, you need to install three software packages to be able to start sending secure email. These are:

• Mozilla Thunderbird—a free software, full-featured and secure email client from the Mozilla project. It is currently available for GNU/Linux, Windows and MacOSX
• Enigmail—Enigmail is an extension to the mail client of Mozilla Thunderbird which allows users to access the authentication and encryption features provided by GnuPG.
• GnuPG—GnuPG is a complete and free replacement for the PGP (Pretty Good Privacy) suite of cryptographic software; and it’s released under the GNU General Public License.

You’ll also need an email account that has POP3, SMTP and/or IMAP support. Your Internet Service Provider (ISP) may have provided you one. If you are using a free email account, check your email provider if it has support for such. Gmail provides free POP3 and SMTP support, so you can make an account (if you haven’t already) and use it for this exercise.

You’ll need an email account that has POP3/SMTP and/or IMAP support to be able to download your email messages to Thunderbird

Ubuntu officially supports these packages and they can easily be installed from the network. You can use the Synaptic package manager to install them. From your GNOME desktop just click on System → Administration → Synaptic Package Manager. Once selected, you’ll be asked for your sudo user password (in Ubuntu, this is normally the first user you create during setup if you did a default install) and then you’ll be presented with the Synaptic Package Manager as shown in figure 1.

Figure 1: The Synaptic Package Manager

In Synaptic, click on “Search” and look for the following packages: mozilla-thunderbird, mozilla-thunderbird-enigmail and gnupg. The package gnupg was most likely installed already during your initial setup of Ubuntu, so you can skip this; but in case it wasn’t or you’ve removed it, you’ll have to include it.

Once you have selected the three packages, click on “Apply”. Synaptic will then check for package dependencies and install them as needed. Once you have the packages installed, you can now close Synaptic.

Setting up your email client

Now that Thunderbird, Enigmail and GnuPG are installed, you can open up Thunderbird and create your first key pair. From your desktop, click on Applications → Internet → Thunderbird Mail Client. This will open up Mozilla Thunderbird. You will be asked to create your email account when you open up Thunderbird for the first time. If you haven’t created one, it’s a good time to set it up now. Thunderbird provides a wizard to help you setup your email account. For this article, I’m going to use a fictitious email account named jerome@freesoftwaremagazine.com. Figure 2 shows how Thunderbird looks after setting up the email account.

Figure 2: The Mozilla Thunderbird email client with Enigmail installed

Setting up Enigmail and creating your Key Pair

Once your email account is ready, you need to generate a new “key pair”. A key pair consists of two keys: the public and the private key. This pair (along with the other pairs used by other people worldwide) is essential to make Public Key Infrastructure (PKI) possible. To put it simply, people can send secure, encrypted email to you using your public key but you need your private key to decipher it, and vice-versa. All of this is made possible while using an unsecured public network such as the internet.

A key pair consists of two keys: the public and the private key. This pair (along with the other pairs used by people worldwide) is essential to make Public Key Infrastructure (PKI) possible

If you’ve used Thunderbird before, you’ll notice that after installing the mozilla-thunderbird-enigmail package, a new menu entry appeared: “Enigmail”. Before creating your first key pair, you need to configure Enigmail to use GnuPG by adding its executable path. Select “Enigmail” and click on “Preferences” and the Enigmail Preferences window will appear (as shown in figure 3).

Figure 3: Adding the GnuPG path in Enigmail preferences

To begin with, just focus on the “Basic” settings to get Enigmail running. First, you’ll need to add the executable path of GnuPG. In Ubuntu, this is located at /usr/bin/gpg. So, add that to the “GnuPG executable path” field and click on “Ok”. Other settings such as additional parameters, passphrase settings and keyservers can be left as is for now. You can go back to those settings later when our key pair is done.