Mozilla Thunderbird makes it extremely easy to send end-to-end encrypted emails using OpenPGP. In order to do this, both the sender and the receiver will need to generate a secret and public key pair using the Thunderbird email client. Here are some of the steps to follow (by both the sender and receiver):
- Click on the Account Settings -> End-to-end encryption for the account you wish to configure as shown in the screenshot below:
2. Click on Add Key as shown below
3. Next, Thunderbird allows you to create / import a Personal Key for your email account. In my case, I don’t have a key yet, so I will choose the first option and click on the Continue button.
4. Generate the key. I have set the key to not expire, and increased the key size.
5. Confirm that you want to generate the public and secret key.
6. You will receive a confirmation indicating that the secret and public keys were generated successfully.
7.Open the Key Manager (see button on the bottom left corner of the screenshot above)
8. Click on FIle -> Backup Secret Key(s) to file.
9. Enter a password to protect the secret key and save it. You can later import this secret key into an email client such as Thunderbird on another desktop.
10. You can also Export your public keys to your desktop or email them to a friend from the Key Manager.
DO NOT SEND ANYONE YOUR SECRET KEY OR THEY COULD READ ALL YOUR ENCRYPTED MAILS.
11. The next couple of steps are the easy part. Let’s take a look at the sequence of steps for users A&B who have generated their secret & public keys.
- A and B exchange public Keys via email (this can be done from the Key Manager ->File -> Email public key)
- A imports B’s public Key and accepts it as a verified key after checking the fingerprint either in person or via another app (not email).
- B does the same on his end.
12. When sending an encrypted mail, first type the recipients email address and subject, then click on Security -> Require Encryption. Also choose to digitally sign the message (Enabled by default). You can also encrypt the subject (recommended).
The email will look like a black box to your email server as the contents will be encrypted. See snapshot from Gmail below.