Terminology

Thunderbird, by itself, does not come with the capability to encrypt your email. However, with the help of PGP/GPG and enigmail, you can easily encrypt your email in Thunderbird.

PGP

PGP (Pretty Good Privacy) is the protocol used to encrypt emails.

GPG

GPG (GNU Privacy Guard) is the software that implements PGP.

Enigmail

Enigmail is a Thunderbird extension that connects to GPG to implements the encryption.

Installation

To get started, we need to first install GPG and Enigmail on our computer. For Linux In Ubuntu and most Linux distro, GPG is installed by default. In fact, the “Passwords and Keys” (aka. seahorse) app in Ubuntu is already an implementation of GPG. To install Enigmail, simply search for it in the Ubuntu Software Center, or use the command in the terminal: For Windows Installing GPG in Windows is as easy as installing the GPG4Win app. For Mac Similarly, install the GPG Suite for Mac to get started.

Installing Enigmail in Thunderbird

Once you have installed GPG for your OS, open up Thunderbird and head to “Tools -> Add-ons”. Search for the extension “Enigmail”. Install it and restart Thunderbird for it to take effect.

You should now see an “OpenPGP” option in the menu bar.

Setting up OpenPGP in Thunderbird

Click the “OpenPGP” menu and select “Setup Wizard”. Select “Yes, I would like the wizard to get me started” and click Next.

If you want to sign all your email, select “yes, I want to sign all of my email”. For selective signing, choose the “No, I want to …” option instead. Click Next.

For the encryption, decide if you want to encrypt all your outgoing email or on a per-recipient basis.

Next, the wizard will prompt you to change a few email settings to make OpenPGP work more reliably. This includes disable HTML message, view message body as plain text, disable loading IMAP parts on demand etc. If you have made a specific settings to Thunderbird that you need to use for all emails, select “No”. Else, you can safely select “Yes” and let it configures your mail settings.

The next step is to create a new key pair for signing and encrypting your email. If you have already created a keypair, you can select it from the list. If not, select “Create a new key pair” option.

You will then have to enter the passphrase.

And lastly, click Next at the Summary page and it will start to create the keypair.

Once the keypair is generated, it will prompt you if you want to generate a revocation certificate. This certificate can be used to invalidate your private key in case it gets lost or stolen.

Signing and Encrypting emails in Thunderbird

Open a new Compose window and start to enter your message. To encrypt/sign your message, click “OpenPGP -> Encrypt Message” in the menu bar. You can also select “Sign Message” as well. If necessary, attach your public key in the email so the recipient can add it to their library.

Accessing Encrypted emails in Gmail

If you receive an encrypted email in Gmail, you can make use of Mymail-Crypt for Gmail for Chrome or WebPG (available for both Firefox and Chrome).

Final Thoughts

Thunderbird is used by many people and thanks to its open-source nature, adding an encryption mechanism to it is very simple as well. Once you have set it up, you will be able to receive and send encrypted emails without much issue. Image credit: Computer security by BigStockPhoto