This is something I’ve set up myself, recently, to send mail through Gmail without
having the unencrypted e-mail stored on their servers.To achieve this, you’ll need a
Google GMail account, PGP or GnuPG, Mozilla Thunderbird, and the Enigmail extension.
First, set your Gmail account to allow POP3 access. This can be set in your mail
settings within the web interface. The Gmail system will tell you the settings you
need to make in Thunderbird in order to use this.
Next, get Thunderbird and the Enigmail extension, and install both,
along with PGP or GnuPG. Then, enter your account settings into Thunderbird,
as per the Google page.
You’ll need to create a PGP key associated with your e-mail address.
In PGP, do this using the GUI interface. With GnuPG, type gpg –gen-key and
follow the instructions. You can set the key type, key size (Go with at least 2048 bits.
Many people use 4096) and the expiry date. Some people set their keys never to expire,
I like a key duration of 6 months, so that I end up recreating keys twice a year,
but at least if someone breaks or otherwise acquires my key during that time, they won’t
have long to do it, nor to use it, before it gets changed again!
Finally, associate the keypair with your e-mail address, in the Enigmail settings
within Thunderbird, and ensure that e-mail defaults to signed and encrypted.
Collect public keys from those people with whom you wish to correspond privately,
and add those to your PGP or GnuPG keyring. Enigmail will then encrypt e-mail sent to
those people, and decrypt e-mail sent from them to you. Mail to a recipient whose key you
do not have will not be encrypted, unless GnuPG / PGP can find a key for them on the
Secure e-mail prevents others reading private communications and the signing process
authenticates the e-mail message as being from you.