Email Security

Email Security

Sometimes sensitive data needs to be sent via email and as it travels to its destination it can be intercepted by hackers, isps, the office i.t. geek or even a nosy government. In this tutorial, we’ll discuss how to use Apple’s Mail application to send secure emails that are signed and encrypted.

How does it work? Both parties get a free personal certificate from a trusted source and then we let Mail do the rest.

This tutorial is based on using Apple Mail on Mac OS X 10.4 (Tiger).

Step 1: Create a free Thawte account


From your browser, go to and click on the Join button to create a free account. Follow the instructions to sign up and once completed, confirm your account through the email received.

Step 2: Request a Personal Email Certificate


Once your Thawte account is created and confirmed, you need to request a personal email certificate. Login to the Thawte website though your browser and click on the “Request a Certificate” link from the Certificates section of the menu. From there, select the X.509 format certificate and choose the default settings on the next screens. Note that you will be asked to choose what browser you are using, if you are on safari, you can just select the Firefox option and proceed to the next screen until finished.

Step 3: Install Certificate

Address Book Card

Once the certificate request form is completed, you will receive a confirmation email that should have a link to download the certificate. If by any chance your email is lost, you can download it from the “View Certificate Status” section of the Thawte site. Keep note that a certificate is good for the computer that it was issued from. Double clicking the downloaded file called “deliver.exe” should open it up in the Keychain Access Application and install automatically. You can quit Keychain access now since it’s not required to be open to use the certificate.

Step 4: Test Certificate

Sending a secure email

To test the certificate just open a New Message window in Mail. As long as the email you certified is the one selected in the Account pulldown menu you will notice that there are now two new buttons on the right side of the window, a lock and a check-mark.

Signed Email Icon
Signed Email
A signed email allows your recipient to verify your identity as the sender and also ensures that the message or it’s attachments have not been tampered with during transit. As long as your personal certificate is installed in your computer, you can send a signed email.

Encrypted Email Icon
Encrypted Email
An encrypted message offers a higher level of security since the contents of the email are encrypted and can only be viewed when certificates for both the sender and the recipient are present. To send an encrypted message you must first send a signed email so that the recipient receives your certificate. The recipient then needs to send you an email so that both of you now have each other’s certificates, assuming the recipient has a personal email certificate.

Receiving Secure Email

When the email is received, Mail will show that it’s signed and encrypted by displaying it’s appropriate icon. For an encrypted message, if the recipient does not have the sender’s key, Mail will NOT display the message content. For example, if somebody sends me an encrypted email and I read it through my webmail, I will not be able to read it’s contents because it is an encrypted email. But if I read it through the Mail application and I have the sender’s key from a previews signed message then it will display properly.


Other than the process of going though an external website for obtaining a certificate, Mail’s integration of signed and encrypted messages is seamless. It’s a great feature that is just hidden until needed. Making the user experience simple and clean. And there’s nothing like discovering a great new feature on an App you’ve been using for a long time now.

For those of you having problems getting it to work, Lisa seems to have found a workaround using Firefox. Here’s the exerpt from her comment.

- Fetch your certificate from Thawte’s site in Firefox (or another browser that will backup/export certificates). The certificate should be automatically installed.
- In Firefox (if that’s what you used), go to Preferences > Advanced > Encryption > View Certificates.
- Highlight your certificate and click the Backup button, save your p12 file, and choose a password for it.
- Go to Keychain Access and choose File > Import…, open the saved p12 file, and type your password when prompted.
- Your certificate should now appear in the ‘My Certificates’ section in Keychain. Then open Mail and give it another try — the buttons should be there, provided you have the correct account selected.

60 thoughts on “Email Security

  1. Malcolm Hohensee

    Hi, I discovered this web-site by error when I was browsing Bing ,next I arrived for your webpage. I demand say your webpage is fascinating I essentially like your theme! Nowadays I don�t have the free time at the current moment to fully browse your sitebut I have bookmarked it. I might be back in a day or two. Thanks for a superb site.

  2. Edgardo Jerkin

    I like the detailed information that you discuss on this edu blog. Keep up the fantastic work you do in maintaining this blog as edu domains are normally a target for spam comments. Have you ever thought about submitting your blog to hubpages ?

  3. make more money

    GOOGLE Adsense is the best way make money online if you have your own blog or website. Google Adsense does not need any kind of fee. If you don’t have any blog or web site you can work as free lancer. you can also earn money while uploading and sharing your files with your friends.

  4. Gil Pavis

    If you would like to take your Internet marketing business to the next level, come check-out a forum that has just opened to the public. We teach Underground Internet marketing strategies only found in Paid; High Dollar, Black Hat Internet marketing forums. When you are ready to discover things you’ve probably never thought about, come and take a look! Hope to see you soon!