Once Enigmail is configured, email that has been digitally signed by another user can be verified as authentic. In the mail client, a bar above the subject line of an email message will turn green when a digitally signed email has a valid signature from a trusted sender. It also allows outgoing messages to be digitally signed, verifying to others that the email they received was signed with your private digital key, something no one else but you possesses.
Enigmail can also automatically encrypt and decrypt messages that have been encrypted using the OpenPGP standard. In transit, the encrypted emails are virtually unbreakable (and hence, unreadable to prying eyes), but upon entering the inbox, the messages can be automatically rendered into clear text. Enigmail handles the complexities of certificate lookups in the background, wrapping a simple-to-understand interface around what is typically a complex set of operations.
Using Enigmail and OpenPGP is a great way to gain email privacy without losing your mind.
-- Scott Sidel is an ISSO with Lockheed Martin
This was first published in February 2008