EncryptEmail (01 Feb 2005, SiteAdmin)

Encrypted E-mailing for Thunderbird on Windows

If you don't know what email encryption is and how it works, check this page for an explanation. Read this to see why you should use it!

Programs you'll need:

  • Thunderbird - the mail client
  • GnuPG (the encryption itself), download the Windows binary
  • Enigmail Plugin for Thunderbird (2 files)
    !!! Make sure you get MILESTONE versions of Enigmail, not NIGHTLY builds !!!
  • GPGshell - to manage keyrings etc.

Installation (for Windows 2000 / XP):

  • Thunderbird: just install it!
  • GnuPG: open the zip you just downloaded and extract contents to c:\gnupg.
    • If you use another directory: open the gnupg-w32.reg file, which you will find in the GnuPG directory, in an editor like Notepad.
    • Adjust the entries as needed for your GnuPG installation.
    • Double-click the file to copy the contents of the file into the registry of your system. For the rest of this installation I assume you use c:\gnupg.
  • Open Thunderbird:
    • Tools > Options > Extensions > Install New Extension
    • Find the enigmail_blabla.xpi and double-click
    • Go through the install
    • Next, install enigmime_blabla.xpi in the same way
    • Restart Thunderbird afterwards
  • In Thunderbird a new menu item is added: Enigmail!
    • Check Enigmail > Preferences: make sure the GPG executable path is correct (c:\gnupg\gpg.exe) (on Mac and Linux this is /usr/local/bin/gpg)
    • Go to Tools > Account Settings
    • A new OpenPGP security section has been added to all your accounts!
    • For the accounts where you want encryption enabled: click their corresponding OpenPGP security section.
    • Check the 'Enable OpenPGP support (Enigmail)' checkbox
    • 'Use email address of this account to identify…….' is okay as long as you don't want to use multiple keys for one account.
    • For the accounts where you want encryption enabled, go to Account Settings > Addressing & Composition and turn 'Compose messages in HTML format' OFF
    • Restart Thunderbird, just to be sure
  • OpenPGP is enabled, but you'll need to generate a key:
    • In Thunderbird go to Enigmail > Generate Key
    • Select an account for which you enabled the OpenPGP support
    • Pick a passphrase (not random; you will have to provide it when you want to send encrypted mail)
    • In the 'comment' section, provide an overview of the key ('Primary key for Name', for example)
    • Generate Key!
    • Make sure no error messages are displayed in the Keygen Console!
    • Now export your key to a txt/asc file:
    • Get a command prompt (Start > Run > cmd or command)
    • Go to c:\gnupg (cd\ and then cd gnupg will do)
    • Check whether a key was generated: at the command prompt, run gpg --list-keys; some info will appear
    • To export your key: gpg --export -a > my_public_key.asc (a .txt extension will also do)
    • Check your key by opening the file you just created in Notepad.
  • Encryption is ready!

Managing keyrings:

  • GPGshell - Freeware. GPGshell is a graphical interface for GnuPG (GNU Privacy Guard). It requires an already working installation of GnuPG, because it does not have any cryptographic code itself. Some basic knowledge of the GnuPG command line is recommended. Elaborate installation instructions are available (skip step 3 if you have NT / Windows 2000 or XP and replace it with the add-path step below).
  • For a quick installation:
    • Download GPGshell
    • Unzip, install GPGshell.exe
    • Add gpg.exe to your path:
      1. Right-click My Computer, and then click Properties.
      2. Click the Advanced tab.
      3. Click Environment variables.
      4. Click Path, and then click Edit to change its name or value.
      5. Append ';c:\gnupg\' to the list.
      6. Click OK a couple of times.
    • Start GPGshell
    • Import keys from your friends
    • Check their fingerprints (best is to hand them over on paper to ensure security) and sign them
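
The fingerprint check in the last step can be done mechanically. The following is an added example, not part of the original page: it compares a fingerprint received on paper with the output of gpg --with-colons --fingerprint. The function names are hypothetical, the sample listing is constructed, and it assumes 40-hex-digit (v4) fingerprints.

```python
import re

# Constructed sample of `gpg --with-colons --fingerprint` output.
# The key, name and fingerprint are made up for this example.
SAMPLE_LISTING = """\
tru::1:1107216000:0:3:1:5
pub:-:1024:17:89ABCDEF01234567:2005-02-01:::-:Alice Example <alice@example.org>::scESC:
fpr:::::::::0123456789ABCDEF0123456789ABCDEF01234567:
sub:-:2048:16:1122334455667788:2005-02-01::::::e:
"""


def primary_fingerprints(listing):
    """Return fingerprints of primary keys (the fpr record after each pub)."""
    found, after_pub = [], False
    for line in listing.splitlines():
        fields = line.split(":")
        if fields[0] == "pub":
            after_pub = True
        elif fields[0] == "fpr" and after_pub and len(fields) > 9:
            found.append(fields[9].upper())  # field 10 holds the fingerprint
            after_pub = False
        elif fields[0] in ("sub", "sec", "ssb"):
            after_pub = False  # never treat a subkey fingerprint as primary
    return found


def normalize(text):
    """Strip spaces and colons from a fingerprint as written on paper."""
    cleaned = re.sub(r"[\s:]", "", text).upper()
    if not re.fullmatch(r"[0-9A-F]{40}", cleaned):
        # An 8- or 16-digit key ID is not enough to identify a key safely.
        raise ValueError("expected a full 40-hex-digit fingerprint")
    return cleaned


def fingerprint_matches(paper, listing):
    """True only if the full paper fingerprint equals an imported primary key's."""
    return normalize(paper) in primary_fingerprints(listing)


if __name__ == "__main__":
    paper = "0123 4567 89AB CDEF 0123  4567 89AB CDEF 0123 4567"
    print("OK to sign" if fingerprint_matches(paper, SAMPLE_LISTING) else "DO NOT SIGN")
```

Sign a key only when the full fingerprint matches; a matching short key ID alone is rejected by normalize().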

How to encrypt a message

  • Click Write message
  • Click the OpenPGP button (the S/MIME button is for another encryption protocol)
  • Check the sign and encrypt boxes to ensure nobody changes the message (sign) and nobody can read it (encrypt), except your addressee of course.
  • Write your message
  • Click Send
  • Type your key password

Troubleshooting / more resources

With a lot of thanks to flix for help on writing this page.

 

