Solved

Email Encryption

Posted on 2008-06-26
18
430 Views
Last Modified: 2008-08-25
Any suggestions for a very good and free email encryption program?
0
Comment
Question by:msheppard74
  • 7
  • 4
  • 2
  • +1
18 Comments
 
LVL 17

Expert Comment

by:StrifeJester
ID: 21875451
Free windows based encryption software is hard to come by.  Here is one of the better solutions we use daily at our office. http://www.pgp.com/products/desktop_email/index.html
0
 

Author Comment

by:msheppard74
ID: 21875504
Ah yes, "Pretty Good Protection"

What email platform do you use? Exchange or is your email hosted offsite?
0
 
LVL 17

Accepted Solution

by:
StrifeJester earned 25 total points
ID: 21875533
You could try this software, I found it a while ago but have never used it yet and cannot comment on how it works though.  http://www.bytefusion.com/products/ens/cryptoanywhere/ca.htm
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 17

Expert Comment

by:StrifeJester
ID: 21875626
We use an onsite exchange server but the client is the determining factor.  As long as the encryption software can plugin to the client.  A lot of companies we deal with also only use PGP due to the other applications it is integrated in such as WS-FTP and others.  We for example do a lot of sending files via ftp using PGP then when they are received here after whatever work is done to them a script automatically picks up the return FTP files and emails a distribution list.
0
 
LVL 33

Assisted Solution

by:Dave Howe
Dave Howe earned 25 total points
ID: 21875790
you probably don't need any extra software - most email clients (including outlook, outlook express and thunderbird) can natively do s/mime encryption using a s/mime certificate (which you get from the recipient by getting them to send you a digitally signed email) and 3des encryption.

note for almost all email encryption, the recipient has to take the lead - setting up their email key and sending this to all potential correspondents.
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 21875810
to clarify - ask the *recipients* of your secure email what they will support, and look to support that. if you wish to receive encrypted mail, then you will need to create a key - with exchange, you can use the ms certificate authority to create and push keys and certificates to the clients.
0
 
LVL 17

Expert Comment

by:StrifeJester
ID: 22058929
Why should DavidHowe be accepted he didn't answer the question at all.  He didn't provide a choice to any software which is what the question asked.  I find it unfair that because he has a higher rank the points are automatically given to him, making it hard for anyone else to gain points and become a respected member.  My comments were responded to by the user directly his came after the discussion.
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 22060310
Its a subjective thing - Partly, I suspect Tolomir agrees that using the built in s/mime of the software he already has is better than installing new software to deal with it; I could easily have pointed to http://www.gpg4win.org/ which gives you pgp compatible encryption, has an email client bundled and comes with a plugin for outlook; however, that requires that both sender and recipient install new software. I could also point to the gpgrelay package which allows border encryption/decryption of gpg/pgp traffic between the internet and the exchange server.

However, I agree, the pgp product is a good solid one, and if the questioner was asking for a commercial solution to his problem then it would have been a good choice. it just isn't free, and nor is the cryptoanywhere product. There are enough free products out there to supply s/mime or pgp mail that listing commercial products isn't a good answer to anything that asks for "good and free" right in the question.

I don't care about the points - I usually get the 3K I need to keep my account current in the first few days of the month - but I *do* care about the right answer being given where crypto is concerned :)
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 22094531
StrifeJester, thank you for your answers still you missed the point.

In fact there are a lot of free even pgp compatible versions out there.

http://www.gpg4win.org/  would be also my 1st choice here.

Apart from that I like that: use your installed software, instead of something new approach here the most. Since you own it already (if not opensource - it's free for you to use)

Thus my suggestion.

Tolomir
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 22094566
Tolomir: the first real requirement though is that the recipient and sender both have the same (or compatable) software. that is why s/mime is a good choice; your *correspondent* doesn't have to get clearance for/buy/install/use new software, he just uses the software he already has.
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 22094570
I would just note that the hardest (and often only) step in getting an encrypted link in place is to convince the person you are trying to talk to, to use encryption :)
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 22094639
Well isn't everyone using windows outlook?

Sure thing, should have put more emphasis on that.

Tolomir

Btw. : http://www.theregister.co.uk/2008/07/25/gmail_adds_https_only/



0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 22094667
well this guy is - he is an Exchange user (per detail of question)

however, you don't need to be running outlook - outlook express, thunderbird, groupwise, lotus notes.. the list is near endless. S/mime support is pretty much the rule, rather than the exception, and it all interoperates.

exchange+windows 2003 has one advantage though - you can use the microsoft cryptographic services to generate and install a s/mime key and certificate into a client node automagically, though a process called "autoenrollment".
0
 
LVL 33

Expert Comment

by:Dave Howe
ID: 22094677
oh - and gmail has supported tls on their pop3, imap and smtp services for some time. in fact iirc they insist on it.

I have given up being surprised when google get things right; maybe they should have let microsoft buy them, just in case it was infectious :)
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to install and use the NTBackup utility that comes with Windows Server.
Worried about if Apple can protect your documents, photos, and everything else that gets stored in iCloud? Read on to find out what Apple really uses to make things secure.
how to add IIS SMTP to handle application/Scanner relays into office 365.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question