Using GPG Keys with Mozilla Mail Clients
Fedora Core includes Mozilla Thunderbird in the thunderbird
package, and the mozilla-mail
package for the Mozilla Suite email application. Thunderbird is the recommended Mozilla email application. This appears on your desktop as Applications > Internet > Thunderbird Email.
Mozilla products support extensions, plugins that add new features to the main application. The Enigmail extensions provide GPG support to email products from Mozilla. Versions of Enigmail exist for both Mozilla Thunderbird, and the Mozilla Suite (Seamonkey). Netscape software from AOL is based on the Mozilla products, and may also use this extension.
To install Enigmail on Fedora systems, follow the instructions given below.
Enigmail uses the term OpenPGP in menu items and options. GPG is an implementation of OpenPGP, and you may treat the terms as equivalent.
The homepage for Enigmail is: http://enigmail.mozdev.org/download.html.
This page provides screenshots of Enigmail and GPG in action: http://enigmail.mozdev.org/screenshots.html
Installing Enigmail on Fedora
There are two ways to install Enigmail on Fedora systems, perform the following steps:
Using DNF or YUM
Enigmail is now available in fedora repository. It can be installed with DNF by typing:
# dnf install thunderbird-enigmail
Or with YUM:
# yum install thunderbird-enigmail
Using Thunderbird
- Open Thunderbird and through the application menu select "Add-ons".
- A new tab will open with the Add-ons Manager. On the search box search for enigmail.
- A list of results will appear. Click "install" on Enigmail. When installation is complete you will need to restart Thunderbird.
Manually
- Open the Enigmail download page in your Web browser: http://enigmail.mozdev.org/download.html
- Download the relevant extension. Fedora Core 4 includes Thunderbird version 1. Fedora Core 5 supplies Thunderbird version 1.5. In Firefox, right-click the relevant extension, choose Save Link As..., and select Save. Mozilla extensions are XPI files, and have the suffix
.xpi
at the end of the filename.
- If Thunderbird is currently running, close it.
- To install the specified extension for all users, run Thunderbird as the
root
user with the-install-global-extension
option. For example, to install/home/me/enigmail-0.94.0-tb15-linux.xpi
, enter following command:
su -c 'thunderbird -install-global-extension /home/me/enigmail-0.94.0-tb15-linux.xpi'
Enter the root
password when prompted.
This command installs the extension without opening a window on your desktop.
- Alternatively, to install the extension for your account only, load Thunderbird and choose Tools > Extensions > Install. Select the XPI file, and OK. Close Thunderbird.
- Load Thunderbird as normal. If you see the OpenPGP menu, Enigmail is successfully installed.
Signed messages automatically display their status at the top of the message window. To sign messages that you send, follow the instructions below.
Configuring a GPG Signature in Thunderbird
- Install the Enigmail extension, as explained above.
- If you do not have a GPG key, follow the instructions on this page to generate your key: Creating GPG Keys
- Open Thunderbird Email, and select Edit > Account Settings.
- Choose OpenPGP Security for the e-mail account that requires digital signatures.
- Select Enable OpenPGP support (Enigmail) for this identity. If your GPG key lists a different email address to the address for this identity, select Use specific OpenPGP key ID, and enter the ID of the key.
- To automatically sign all emails from this account, select both Sign non-encrypted messages by default, and Sign encrypted messages by default. Selecting Use PGP/MIME by default will use always use PGP/MIME which will work better on most recipients email clients. Select OK to close the Account Settings.
- Choose Composition & Addressing for the same account. Ensure that Compose messages in HTML format is disabled.
- Choose OK to apply the changes.
Sending a Signed E-mail with Thunderbird
If you configure Thunderbird to sign email for the account by default, the emails that you send automatically include your GPG signature.
Otherwise, follow these steps to send a single email with a GPG digital signature:
- Select Write.
- Compose the message as normal.
- Click the OpenPGP button. Select both Sign Message and Use PGP/MIME, and choose OK.
- Choose Send.
- If prompted, enter the passphrase for your GPG key.