HT204093: Use Mail on your Mac

Learn about Use Mail on your Mac
MaceyOR

Q: Recommendation for mail encryption

I have a MacBook Pro. 10.10.5.  I tried the email encryption application from Apimac but the application crashed every time I tried to use it.  So I am looking for another software program.  Thanks for the recommendations.

MacBook Pro (13-inch Early 2011), Mac OS X (10.7.5)

Posted on Sep 18, 2015 6:34 PM

Close

Q: Recommendation for mail encryption

  • All replies
  • Helpful answers

  • by Linc Davis,Helpful

    Linc Davis Linc Davis Sep 20, 2015 3:34 PM in response to MaceyOR
    Level 10 (208,037 points)
    Applications
    Sep 20, 2015 3:34 PM in response to MaceyOR

    Go to InstantSSL and request a free S/MIME signing certificate. It's valid for a year, only for the address you specify. You'll be prompted to set a revocation password, which you'll need if you ever want to stop the key from being trusted. I suggest you save the password as a secure note item in the keychain.

    Click the link in the message you'll receive at that address. A file named "CollectCCC.p7s" will be downloaded in your web browser. Double-click the file. It will open in Keychain Access. Confirm that you want to import the keys it contains. Store the key in your default keychain, usually named "login", not in the "System" keychain.

    Two items will be added to the keychain you specify. Both are named "Key from secure.instantssl.com". One is of type  private key and one is of type public key. You'll want to delete those items when the key expires or is revoked.

    Quit and relaunch Mail. When you next compose a message from the certified address, you'll have the option to sign it.

    The first time you sign a message with the new certificate, you'll be prompted to allow Mail to use it in the keychain. Click  Always Allow.

    Important:

    1. You must quit and relaunch Mail before the certficiate will be recognized.
    2. Mail that is only signed is not encrypted; anyone can read it. The recipient can be reasonably sure that it came unaltered from a person who receives mail at the sender's address. That is not proof of the sender's identity.
    3. To encrypt messages, the recipient must already have gone through a similar setup process, and you must know his or her public key. The key can be sent to you in the clear, attached to a signed message, but again, you have no proof of the sender's identity. All you know is that he can receive mail at the specified address.
  • by MaceyOR,

    MaceyOR MaceyOR Sep 20, 2015 3:37 PM in response to Linc Davis
    Level 1 (0 points)
    Sep 20, 2015 3:37 PM in response to Linc Davis

    Thank you very much for this guidance.  However I am an insurance agent so the private emails need to go to a wide audience that's why I was looking for a turn key solution. The ApiMac Ecrypt Emial application was a great program and provided the features I was looking for, however it just isn't stable on my machine.  If I could find a recommendation for a similar program that would be ideal. There are a lot of programs in the marketplace but finding one that is well designed and reliable is my struggle.

     

    Best,  L.