Send encrypted e-mails with Guard
When drafting an e-mail with mailbox.org, simply click on the padlock symbol in the upper-right corner above the composer window. This makes sure your message will be sent with OpenPGP-encryption. Alternatively, open the security settings and tick the corresponding checkbox to enable encryption.
Our system makes it convenient to email other PGP users because it retains the public PGP keys of any previous communication partners. If the system can find a valid OpenPGP key for your stated recipient, a symbol will appear next to their e-mail address to indicate that your message will be encrypted automatically before submission.
The mailbox.org Guard will search the following repositories for valid OpenPGP keys:
- Our internal key directory of mailbox.org users who have Guard enabled;
- Your individual key ring containing the public keys of all your previous communication partners. This key ring can be maintained by you, and as such, allows the manual importing of PGP keys;
- Shared keys of other Guard users that exist within your communication context, i.e. other users of shared family- or business accounts.
What happens if the recipient does not use PGP?
If the system can not find a valid OpenPGP key for your stated recipient, a green symbol will appear next to their e-mail address to indicate that a temporary mailbox will be created for this user.
What happens now is that your message will be stored encrypted on our servers, and the external user will receive two e-mails:
- An e-mail containing a web-link to the temporary mailbox and
- A second e-mail with the password required to log in.
As the login credentials for the external user will be sent in two unencrypted e-mail, it is theoretically possible for a third party to intercept this information. You can add en individual message to the unencrypted mail with the link:
For this reason, you may want to secure access to the temporary mailbox with an additional PIN code. This PIN will not be sent to your recipient but only to you, the sender. It is then necessary that you let your communication partner know what their PIN is, using a secure secondary channel. So, for instance, you could phone them up, send a text or a chat message, or simply tell them directly if you have a way to meet in person.
The PIN for the temporary mailbox does not change, which means you only need to do this once to establish basic security. As soon as your communication partner has knowledge of the PIN, you may exchange as many e-mails as you wish without any further ado.
In order to read secure e-mail, your recipient does not need to know anything technical about encryption or PGP. A tutorial on how to use the temporary mailbox can be found in the FAQ-section.