Secure email, how to avoid interception?

First, this is not unique to Apple's Mail program. All e-mail is, by default, send "in the clear," meaning totally readable. If you send an e-mail while sitting on an open wireless network (ie, one with no password), anyone else on that network with the right software can not only read it, but they can see the password send to the e-mail server and then gain access to your e-mail account.

Second, regarding how someone intercepted your e-mail, the question is, what was the situation? Was it someone who was on the same open wireless network as you, someone who was on the same open wireless network as the recipient, or someone in a completely different location? I'll explain a solution for the first two problems, but if it is someone with access to your e-mail server, you can't do anything about it (other than report the issue to someone).

To protect yourself on open networks, you need to use an SSL connection when sending or checking mail. Many e-mail servers support this, but you'll need to check with your service provider and find out 1) if they do, and 2) how to set it up. Different providers may use a different server for SSL or a different port on the same server, so you'll need to find out those details from them. Once you have set Mail to connect to your account via SSL, the connection from your machine to the server is secure. Of course, anyone with access to the server can see your mail, and if the recipient isn't also using SSL, the e-mail could be snooped on that end.

Hope this helps!

It seems like a simple problem... but, as with many things, it's not.

There are several points where e-mail can be intercepted: the sender's computer, the sender's mail-transfer provider (the server you send mail through), the recipient's mails server, and the recipient's computer.

On the sender and recipient's computers, e-mails can be had by simply things, such as gaining access to the computer's disks, or more complex things like installing software to capture the screen or record keystrokes. The standard precautions of using good passwords, locking down access to the filesystem (even using a FileVault or otherwise encrypted disk volume), and keeping malware off your computer apply.

During mail transfer, e-mails can be captured various ways. The default protocol for mail-transfer, SMTP, transmits mail in the clear. Anyone with access to the network along the route between the mail server and the sender/recipient computer can listen in on the conversation and capture a copy of the message. This can be mitigated using a secure mail transfer protocol, such as using SSL. Unfortunately, not all mail service providers support encrypted mail transfer.

Once the mail makes it to the recipient's mail server, it's only as secure as the recipient's password. If the username and password can be broken, clearly someone will have full access to the messages.

One thing you can do is encrypt your messages. This can be done using Keychain Access. Basically, if you create a certificate for yourself and place it in the keychain, an encryption button will automatically appear in the Mail and you can send encrypted e-mail messages. How you do this is actually pretty awkward. You can get a personal certificate signed by thawte.com, or you can use Keychain Access to make yourself a certificate authority and use it to sign your certificate (and those of your friends). That's a little complicated to go into here, but perhaps I should make a tutorial on the subject.

The biggest problem with mail encryption is that people find the notion of encryption and keys very confusing...

As I understand it, certificates work a lot like PGP encryption, if you're familiar with that. If you're not, here's the basic idea: you have a "private" key that nobody else sees and a "public" key that you can give to anyone. People with your public key can use it to encrypt messages that can then be opened only by someone with your private key (which should only be you). Similarly, you can "sign" a message using your private key, and anyone can read it but they can also verify, using your public key, that you really wrote it. You can encrypt messages to anyone else whose public key you have a copy of.

The big downside to all this is, of course, that it requires recipients to know about all this and to have those keys.

And I really don't know the details of how this PGP terminology relates to certificates, but I believe it works the same way.

If that's the case and the interception had to happen within the AOL system, then you should immediately report this to AOL. Was the person who intercepted the e-mails an AOL employee? If not, you need to let them know that this person has access to their servers. If so, you need to let them know that this person is using their position to snoop on other people's mail.

You're correct. The certificate contains the public key. What makes it a certificate is additional information about key, including whether or not it was signed by a certificate authority that vouches for the identity of the certificate holder (which would be necessary if you are using it to validate a signature with it as being from a particular person).

Public key encryption requires that both sender and recipient have a key. To send an encrypted message, you require the "public key" of the recipient and your own private key. The recipient will need a copy of your public key. Keys are paired, so you need to make sure that you use the private key that matches the public key you've given to your recipient.

You could always encrypt the file with something simpler that just requires a simple password to open, but of course, then you're assuming the recipient has the software to open that encrypted file. For example, you can make an encrypted disk image file, but then if the recipient has a Windows machine, they can't open it. You could make an encrypted StuffIt file, but most Mac users don't have a copy of StuffIt Expander anymore, like they all did back in the 90s, and most PC users never have had a copy of it. I could go on... unfortunately, that's just the poor state of encryption right now. You'll just have to accept clear text transmissions, or you'll have to somehow coordinate with the recipient.

Well, remember, SSL is only for the connection. If you've got SSL, definitely use it, especially if you ever use open wireless networks. But the encryption is only on the data transmitted, and once the data reaches the server it is decrypted. So we're talking about two kinds of encryption here.

Look [here|http://forums.macosxhints.com/archive/index.php/t-49275.html] for more info about encryption tools.