Share, and Use PGP Encryption Keys for Secure Communication
- Encryption
- 2023-03-29
What PGP is
PGP stands for "Pretty Good Privacy" and is a method for encrypting and decrypting email messages. PGP works by using public key encryption, where each user has a public key and a private key. The public key can be shared with anyone, while the private key is kept secret.
What PGP does
To send an encrypted email using PGP, the sender would use the receiver's public key to encrypt the message. Only the receiver's private key can be used to decrypt the message. This ensures that only the intended receiver can read the email.
PGP is also used for digital signatures, which can verify the authenticity of an email. The sender can use their private key to create a signature, which is added to the email. The receiver can use the sender's public key to verify the signature and ensure that the email was not tampered with in transit.
Why PGP is useful
Overall, PGP provides a secure method for sending and receiving email messages, ensuring that only the intended receiver can read the message and that the message has not been tampered with during transmission.
Emails are stored in plain form on the mail server's file system; when the message body is encrypted with PGP, no one without the matching private key can read it, not even someone with access to the server's storage.
To get details on how to use PGP in Roundcube on Servermx, please see the article in the Help & How-to section.
Step by Step command line guide
1. Install a PGP Software:
There are various PGP software options available, but one of the most popular is GnuPG (GPG). You can download GnuPG for your operating system (Windows, macOS, or Linux) from the official website: https://gnupg.org/download/index.html
2. Generate Your PGP Key Pair:
Open a terminal/command prompt on your computer and run the following command to generate your PGP key pair. In this and the following commands, replace your.email@example.com with your own email address.
> gpg --gen-key
You'll be prompted to choose the key type and size. The default options (RSA and 2048 bits) are usually fine. Follow the prompts, and you'll be asked for a user ID (usually your name and email) and a passphrase (a strong password to protect your private key).
3. Generate Revocation Certificate:
After generating your key pair, it's a good practice to create a revocation certificate. This certificate will allow you to revoke your public key if it's ever compromised. To generate a revocation certificate, run:
> gpg --gen-revoke your.email@example.com > revocation_certificate.asc
4. Export Your Public Key:
You can export your public key to share with others. To do this, run:
> gpg --armor --export your.email@example.com > my_public_key.asc
The --armor flag specifies that the key should be in ASCII-armored format, which is a text representation of the key suitable for sharing.
5. Share Your Public Key:
Share your public key with people you want to communicate securely with. You can send it as an email attachment or upload it to a public keyserver. Many key servers are available, such as the MIT PGP Key Server https://pgp.mit.edu.
6. Import Others' Public Keys:
To send encrypted messages to others or verify their signatures, you need their public keys. Import a key file you have received:
> gpg --import their_public_key.asc
7. Encrypt a Message:
To send an encrypted message to someone, use their public key to encrypt it. For example:
> gpg --encrypt --recipient their.email@example.com -o encrypted_message.gpg plaintext_message.txt
8. Decrypt a Message:
To decrypt a message that you've received, use your private key:
> gpg -o decrypted_message.txt -d encrypted_message.gpg
9. Sign a Message:
You can sign a message with your private key to prove it's from you:
> gpg --sign -o signed_message.gpg plaintext_message.txt
10. Verify a Signature:
To verify a message's signature, use the sender's public key:
> gpg --verify signed_message.gpg
11. Revocation:
If you ever need to revoke your key, use the revocation certificate you created earlier.
12. Securely Store Your Keys:
Store your private key securely and never share it with anyone. The passphrase protects it.
13. Backup Your Keys:
Make regular backups of your keys, especially your private key and the revocation certificate. Store them in a safe place.
Remember that PGP provides strong security, but it's essential to manage your keys and passphrases with care to maintain the integrity of your encrypted communications.