Atom Feed SITE FEED   ADD TO GOOGLE READER

Mac OS X Mail Crypto and GMail SMTP

2004 has a great article on how to set up crypto for Mac Mail, without any plugins, self-signed certificates or even command line configuration!

Here's all you need to do to sign messages:
  • Create a certificate through Thawte's free web of trust.
  • Download that certificate into Mac OS X's keychain
  • Click the new 'signature' box that shows up in your compose message window!

    And to encrypt messages:
  • Recieve a signed message from a friend who used the steps above,
  • Your Mac OS X's keychain will automatically import that friend's public key
  • Click the 'encrypt' box that shows up in your compose message window when your friend is the recipient!

    Now some caveats that I faced:
  • Gmail's SMTP server replaces your regular email address with your gmail address. So if your signature is for you@yourdomain.com, your messages will still come from you@gmail.com. This ruins crypto and your signature will no longer match.
  • Doteasy appends a stupid ad on all messages forwarded from their servers to other servers. This also ruins crypto and your signature will no longer match.
  • Gmail silently discards any email where the signature doesn't match. This means you have to make quite sure your signatures are working perfectly before you start using them.

    Moral of the story here is that it is very bad to fuck with the content of a signed or encrypted message.