Solved

Email Encryption

Posted on 2008-06-26
18
419 Views
Last Modified: 2008-08-25
Any suggestions for a very good and free email encryption program?
0
Comment
Question by:msheppard74
  • 7
  • 4
  • 2
  • +1
18 Comments
 
LVL 17

Expert Comment

by:StrifeJester
ID: 21875451
Free windows based encryption software is hard to come by.  Here is one of the better solutions we use daily at our office. http://www.pgp.com/products/desktop_email/index.html
0
 

Author Comment

by:msheppard74
ID: 21875504
Ah yes, "Pretty Good Protection"

What email platform do you use? Exchange or is your email hosted offsite?
0
 
LVL 17

Accepted Solution

by:
StrifeJester earned 25 total points
ID: 21875533
You could try this software, I found it a while ago but have never used it yet and cannot comment on how it works though.  http://www.bytefusion.com/products/ens/cryptoanywhere/ca.htm
0
 
LVL 17

Expert Comment

by:StrifeJester
ID: 21875626
We use an onsite exchange server but the client is the determining factor.  As long as the encryption software can plugin to the client.  A lot of companies we deal with also only use PGP due to the other applications it is integrated in such as WS-FTP and others.  We for example do a lot of sending files via ftp using PGP then when they are received here after whatever work is done to them a script automatically picks up the return FTP files and emails a distribution list.
0
 
LVL 33

Assisted Solution

by:Dave Howe
Dave Howe earned 25 total points
ID: 21875790
you probably don't need any extra software - most email clients (including outlook, outlook express and thunderbird) can natively do s/mime encryption using a s/mime certificate (which you get from the recipient by getting them to send you a digitally signed email) and 3des encryption.

note for almost all email encryption, the recipient has to take the lead - setting up their email key and sending this to all potential correspondents.
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 21875810
to clarify - ask the *recipients* of your secure email what they will support, and look to support that. if you wish to receive encrypted mail, then you will need to create a key - with exchange, you can use the ms certificate authority to create and push keys and certificates to the clients.
0
 
LVL 17

Expert Comment

by:StrifeJester
ID: 22058929
Why should DavidHowe be accepted he didn't answer the question at all.  He didn't provide a choice to any software which is what the question asked.  I find it unfair that because he has a higher rank the points are automatically given to him, making it hard for anyone else to gain points and become a respected member.  My comments were responded to by the user directly his came after the discussion.
0
Don't lose your head updating email signatures!

Do your end users still have the wrong email signature? Do email signature updates bore you or fill you with a sense of dread? You can make this a whole lot easier on yourself by trusting an Exclaimer email signature management solution. Over 50 million users do...so should you!

 
LVL 33

Expert Comment

by:Dave Howe
ID: 22060310
Its a subjective thing - Partly, I suspect Tolomir agrees that using the built in s/mime of the software he already has is better than installing new software to deal with it; I could easily have pointed to http://www.gpg4win.org/ which gives you pgp compatible encryption, has an email client bundled and comes with a plugin for outlook; however, that requires that both sender and recipient install new software. I could also point to the gpgrelay package which allows border encryption/decryption of gpg/pgp traffic between the internet and the exchange server.

However, I agree, the pgp product is a good solid one, and if the questioner was asking for a commercial solution to his problem then it would have been a good choice. it just isn't free, and nor is the cryptoanywhere product. There are enough free products out there to supply s/mime or pgp mail that listing commercial products isn't a good answer to anything that asks for "good and free" right in the question.

I don't care about the points - I usually get the 3K I need to keep my account current in the first few days of the month - but I *do* care about the right answer being given where crypto is concerned :)
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 22094531
StrifeJester, thank you for your answers still you missed the point.

In fact there are a lot of free even pgp compatible versions out there.

http://www.gpg4win.org/  would be also my 1st choice here.

Apart from that I like that: use your installed software, instead of something new approach here the most. Since you own it already (if not opensource - it's free for you to use)

Thus my suggestion.

Tolomir
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 22094566
Tolomir: the first real requirement though is that the recipient and sender both have the same (or compatable) software. that is why s/mime is a good choice; your *correspondent* doesn't have to get clearance for/buy/install/use new software, he just uses the software he already has.
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 22094570
I would just note that the hardest (and often only) step in getting an encrypted link in place is to convince the person you are trying to talk to, to use encryption :)
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 22094639
Well isn't everyone using windows outlook?

Sure thing, should have put more emphasis on that.

Tolomir

Btw. : http://www.theregister.co.uk/2008/07/25/gmail_adds_https_only/



0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 22094667
well this guy is - he is an Exchange user (per detail of question)

however, you don't need to be running outlook - outlook express, thunderbird, groupwise, lotus notes.. the list is near endless. S/mime support is pretty much the rule, rather than the exception, and it all interoperates.

exchange+windows 2003 has one advantage though - you can use the microsoft cryptographic services to generate and install a s/mime key and certificate into a client node automagically, though a process called "autoenrollment".
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 22094677
oh - and gmail has supported tls on their pop3, imap and smtp services for some time. in fact iirc they insist on it.

I have given up being surprised when google get things right; maybe they should have let microsoft buy them, just in case it was infectious :)
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
In this video we show how to create a Resource Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: Navigate to the Recipients >> Resources tab.: "Recipients" is our default selection …
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now