Encryption of mail data storage
-
As I've understood, editing the Roundcube UI is not that easy, so I'm not sure we can add any warnings there. I might be wrong, though, so I'll ping the devs.
I'll also review our help pages to include that information. -
@jane-n Sounds good, thank you! It would have helped me if the information was in the help pages, and hopefully at some point it can be in the UI, but it's okay if the UI is too complex to edit immediately.
-
@jane-n I see your update, thank you!
-
@jane-n Will setting up PGP with a mail client encrypt my whole mailbox, including unencrypted emails that are sent to me?
I see "Encrypt all messages by default" in the settings page but I'm new to PGP and I'm not sure if that means all messages sent and received or just all messages sent.
-
@Gwen-Dragon said in Encryption of mail data storage:
@mutt765 said in Encryption of mail data storage:
Will setting up PGP with a mail client encrypt my whole mailbox
No. It will encrypt the mail body content and attachments.
Of every message sent and received or just the messages I send?
-
@Gwen-Dragon said in Encryption of mail data storage:
@mutt765 The sent mails are not automatically encrypted by OpenPGP. But you can set in webmail client the encryption as default.
Received mails from others need to be encrypted by the senders with OpenPGP.Ok, so to be clear, there's currently no way to encrypt all emails at rest (on vivaldi's servers)?
-
@mutt765 You have a few options:
- You can use anonaddy.com, which will forward emails to you and encrypt them if they are unencrypted. Of course, this is only for mailing lists. But I highly recommend it as it will, for free, give you two custom subdomains: you.anonaddy.com and you.anonaddy.me. Any email [email protected] or [email protected] will become a valid email, so you can give each service you use a separate email. If a service sends you spam, you can tell which one is sending spam and deactivate that email alias.
- You can use a mail client that encrypts any emails sent unencrypted - but I do not know of any that do this.
- You can ask your contacts to send mail encrypted. For this they will need a PGP key. However, they do not need to switch email accounts. A new protocol called "Autocrypt" handles this automatically both for desktop and mobile devices. Of course, you cannot ask mailing lists to encrypt, but see anonaddy above.
- You can switch mail providers.
- You can accept that you need to use PGP for truly private email, encrypting unencrypted mail will only do so much.
Vivaldi is building an email client into the browser. It will eventually support client-side PGP. Upvote this post to show your support for PGP:
https://forum.vivaldi.net/topic/53298/pgp-gpg-de-encryption-and-signing/10?_=1617579194383
And this one for autocrypt:
https://forum.vivaldi.net/post/457703 -
@code3 Thanks Code3, I'll check out anondaddy, I like that idea for newsletters.
-
@jane-n I asked the roundcube devs to add a warning, and they said they did. Are you planning to update soon?
-
@YZ17 Very few providers do that. CalDav/CardDav/WebDAV have no encryption standard.
-