Mac OS X Mail Crypto and GMail SMTP
2004 has a great article
on how to set up crypto for Mac Mail, without any plugins, self-signed certificates or even command line configuration!
Here's all you need to do to sign messages:Create a certificate through Thawte's free web of trust.
Download that certificate into Mac OS X's keychain
Click the new 'signature' box that shows up in your compose message window!
And to encrypt messages:
Recieve a signed message from a friend who used the steps above,
Your Mac OS X's keychain will automatically import that friend's public key
Click the 'encrypt' box that shows up in your compose message window when your friend is the recipient!
Now some caveats that I faced:
Gmail's SMTP server replaces your regular email address with your gmail address. So if your signature is for
firstname.lastname@example.org, your messages will still come from
email@example.com. This ruins crypto and your signature will no longer match.
Doteasy appends a stupid ad on all messages forwarded from their servers to other servers. This also ruins crypto and your signature will no longer match.
Gmail silently discards any email where the signature doesn't match. This means you have to make quite sure your signatures are working perfectly before you start using them.
Moral of the story here is that it is very bad to fuck with the content of a signed or encrypted message.