Network Security
Vulnerability Management
Privileged Access Management
Endpoint Security
Threat Hunting
Unified Endpoint Management
Email & Collaboration Security
Contents:
Previously on the email encryption sage; so far, we’ve talked out how PGP encryption works, how to Encrypt emails in Outlook using OME and S\MIME, and, how to use gpg4win’s Kleopatra to your advantage. The time has come for us to have a little chat about how to actually send PGP or S\MIME encrypted emails. So, in this article, I’m going to show you some emails clients I use for secure communication. Enjoy, stay safe, and don’t forget about making a backup copy of your public key.
Can I use Outlook or Gmail for sending encrypted emails?
Let’s get one thing straight – it’s one thing to add PGP or S\MIME padding to an email comm channel and another thing to send pre-encrypted messages. The latter involves the use of tools like Kleopatra or iGolder and the former some pretty mad network engineering skills. Anyway, the answer to the question is “yes”. Both Outlook and Gmail can be employed to transmit pre-encrypted PGP messages to anyone who owns a public key.
As I mentioned a couple of times, you will need to know the recipient’s public key in order to send him or her a PGP encrypted message. Kleopatra is the best choice, but other tools are available. One thing you should know before using Gmail or Yahoo Mail or Outlook to send pre-encrypted messages – some email clients have ‘checkpoints.’ These checkpoints, which are either part of the client’s data encapsulation process or as part of an email protection solution can flag these pre-encrypted messages as malicious. Naturally, it’s a false-positive, but it will still force you to tinker with the black- and whitelisting functions.
So, should you rely on sprinting (i.e., encrypted with a PGP client, acquiring a public key, sending the encrypted message, decrypting, etc.) or go about this using another approach? Well, my bet’s on the second method which, in this case, means using an email solution that can help you send encrypted emails. Here are my favorite open-source email agents that support PGP and S\MIME encryption and, of course, decryption.
Email Solution for Encryption\Decryption
Ready? Let’s take a closer look at the five best open-source email encryption solutions.
1. Hushmail
As its name suggests, HushMail is a secure, web-based email service that keeps your conversation secure via strong encryption. HushMail has two pricing tiers – a personal and free plan that supports the OpenPGP standard, HIPAA compliance, and compatibility across multiple devices and operating systems.
For corporate needs, HushMail also offers a paid plan with unlimited storage, additional encryption options, industry-tailored features, and much more. What’s it like to use this solution for sending encrypted emails? Imagine cutting the middleman (i.e., PGP crypto-generator) and doing everything from a single interface. For more information about HushMail, go ahead and visit the official website.
2. RMail
Rmail is a fairly free-to-use email service that allows you to create digital certificates, share said certificates, track, e-sign, encrypt and decrypt messages. This agent is fairly easy to use and set up. On top of that, it’s corporate-friendly since it comes with every compliance certificate out there. Just like HushMail, RMail can help you PGP-encrypt and decrypt messages without the use of a third-party tool.
Some features you should look forward to in RMail: API automation, dynamic encryption, Outbox-to-Inbox protection (i.e., great against Message Takeover attacks), message-level encryption (i.e., uses 256-bit AES for encrypting attachments), API-based e-signature, and more. As I’ve mentioned, RMail is corporate-centric but is also available for personal use.
3. KMail Office
KMail Office is a Linux-based email client that can quickly help you send PGP, S\MIME, and P\MIME encrypted emails. Despite its lackluster look and limited compatibility, KMail is packed with features such as push mail, advanced spam detection, Address Book import\export, server-side filtering, mailing list management, end-to-end encryption, and customizable privacy preferences.
So, if you’re the kind of person that prefers Linux over Windows, KMail’s a great choice. Just make sure to read the product’s handbook prior to the installation because the setup process is a bit tricky. Since it’s an open-source solution, you can also give the community a shout-out if you encounter any issues.
4. Enigmail
Enigmail is everything a secret agent might wish for – total secrecy, encryption/decryption functions, and a cool self-destruction button. Kidding on the last point, of course. So, Enigmail is an OpenPGP encryption\decryption extension that works in conjunction with Seamonkey and Mozilla’s Thunderbird.
With this email extension, you will be able to send and receive PGP-encrypted messages. It’s lightweight, easy to use, and free of charge. On top of that, it serves both corporate and personal needs. Want to get more out of your Enigmail agent? The developers were kind enough to make the source code available.
5. Crypto Anywhere
The last item on our list is Crypto Anywhere. What’s Crypto, you ask? Well, Crypto Anywhere is to email agents what Tails is to Operating Systems. In other words, this email agent is small enough to fit inside any USB thumb drive but strong enough to perform any email-related duty. The major advantage of Crypto Anywhere is that it can be operated directly from a USB stick.
No installation, no traces, no complications; in other words, it’s the best email encryption tool out there. With Crypto, you can compose, encrypt, and send emails directly from the dashboard, create and manage certificates, make backup copies of your public key, decrypt received messages, and more. The only thing you’ll need would be a (working) Internet connection.
Wrap-up
These email agents will help you streamline the encryption\decryption – transmission process. Furthermore, with everything under a single roof, the chances of something going wrong throughout the procedure are next to nothing. Of course, one can’t deny the merits of adding extra security padding to your email communication channels. Business Email Compromise and its counterpart Vendor Email Compromise are some of the worst email-mediated cyber-aggressions.
Clearly, message encryption is not enough. A third-party solution such as Heimdal™ Security’s Fraud Prevention can safeguard inboxes against spearphishing, impersonation attacks, phishing, wormable content, botnetting, and more. As a takeaway, I would strongly recommend implementing PGP encryption systems that are designed for corporate use. With that in mind, stay safe, and don’t forget to leave me a comment if you have any further questions about the topic.
