Configuring Enigmail

After creating the key pair, the next step is to configure Enigmail. To do so, first launch Thunderbird. Experienced Thunderbird users will notice a new menu item, OpenPGP, which lets you access the Enigmail add-on functionality (see Figure 1).

If you used your distribution's tools to set up the components, you do not need to configure anything now. The OpenPGP | Preferences… box looks fairly spartan (see Figure 2). If you have multiple installations or Enigmail fails to find the installation, just set the right path to GnuPG here.

Also, you need to say how Enigmail should store your passphrase. For security reasons, it makes sense not to save the passphrase permanently.

The default value of five minutes is a useful compromise between convenience and security and keeps Enigmail from asking you for the passphrase for each mail.

Advanced Configuration

Clicking on Display Expert Settings takes you to the advanced configuration, which gives you some interesting – and perhaps some unnecessary – options. In the Sending tab, you can enable Add my own key to the recipients list so you can decrypt messages that you send later. In the Advanced tab, you might also want to enable the Encrypt replies to encrypted messages to avoid forgetting to encrypt a confidential exchange. Also, you should enable '--' is a signal separator and Use '<' and '>' to specify email addresses. When you are done, you can close the settings dialog.

OpenPGP Support

Finally, you need to enable OpenPGP support for the account (Figure 3). To do so, click Edit (or Tools) | Accounts…, select OpenPGP security for your account, and choose Enable OpenPGP support for this identity. Also, you will need to enable the option Sign encrypted messages by default.

This completes the configuration. Don't be surprised when you open OpenPGP again; some menu items are added after enabling the expert settings.