• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 572
  • Last Modified:

sMIME encryption and certificates


I have a Windows 2000 / XP network. I use Eudora as mail client and SLMail as mail server.

I need to implement an sMime encryption on 5 machines (not all). I have found that Eudora does not support this feature, neither there is any graphical plugin that a standard user could easily employ (command line plugins are not useful in this situation). I do not want to move towards Outlook / Exchange: there are cost and security concerns involved. I would like to install some kind of solution that could allow the users to selectively encrypt mails, and add a certificate to them (I cannot encrypt every mail, because I do not know if the adressee would be able to decrypt them).

Do you know of any way to add encryption + certificates to my current configuration?

Additionally, I have a related issue. As I only need 5 certificates, I have contacted VeriSign and Thawte. VeriSign told me that they only issue certificates in pack of 10 or more. Thawte give the certificates for free, but the kind of certificates given is absurd. It is a personnal certificate that somebody else must check in what they call "circle of trust" (or something similar). Obviously, this is not the kind of certificate that a company could use.

What can I do? Any ideas would be appreciated
3 Solutions
Check out the Entrust product here http://www.entrust.com/entelligence/email/quicktour.htm

It sounds like Thawte was talking about PgP certificates. PgP public keys are typically distributed by a circle or web of trust. It works farily well but does have it's obvious drawbacks. You might ask them more specifiically about trusted third party S/MIME  certificates. You might have to remind them that is the way their salaries are paid, by selling stuff! <LOL>

Good Luck
*) mailclient
Have you already considered switching your MailApp to an opensourced one, like Thunderbird from the Mozilla suite?


Thunderbird supports all your required features (costs+security), and lots more.

*) certificates
if smime-mailing is only important between the 5 clients, you could create the certificates on your own by using openssl from openssl.org.
all you have to do is, create a CA-certificate, import it to the 5 clients. after that create one smime-certificate for every client.

you should take some view on how public-key encryption works! -  you want to encrypt a mail, you'll have to use the ADRESSEE's public key.
so the adresse will always be able to decrypt the mail ;)

Looks like the current consensus on S/MIME support for Eudora is here:

However, there's some neat stuff here:

Otherwise, it's like the others have said: grab a commercial plugin like Entrust, or switch to a different mail client.
flechazulAuthor Commented:
Thank you all for your comments. I am working on the Entrust solution, although it is very expensive. I might have no other choice but to switch from Eudora to an integrated s/Mime client like Outlook.

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

Tackle projects and never again get stuck behind a technical roadblock.
Join Now