Secure communication is one of the fundamental pillars of information security. We don't want someone listening
in on our phone calls or reading our emails, which is why we encrypt sensitive messages. One way to make our own email more secure is with Enigmail, an add-on to the Mozilla Thunderbird mail client that enables the sending and receiving of digitally signed and/or encrypted messages.
Once Enigmail is configured, email that has been digitally signed by another user can be verified as authentic. In the mail client, a bar above the subject line of an email message will turn green when a digitally signed email has a valid signature from a trusted sender. It also allows outgoing messages to be digitally signed, verifying to others that the email they received was signed with your private digital key, something no one else but you possesses.
Enigmail can also automatically encrypt and decrypt messages that have been encrypted using the OpenPGP standard. In transit, the encrypted emails are virtually unbreakable (and hence, unreadable to prying eyes), but upon entering the inbox, the messages can be automatically rendered into clear text. Enigmail handles the complexities of certificate lookups in the background, wrapping a simple-to-understand interface around what is typically a complex set of operations.
Using Enigmail and OpenPGP is a great way to gain email privacy without losing your mind.
-- Scott Sidel is an ISSO with Lockheed Martin