Tormail is down and most probably compromised. The TBB also now looks quite dangerous. So I’ve switched to Tails.
I was looking for an email provider that would work with the mail client in Tails (Claws). I stumbled upon Lavabit, made an account and right when I started to like it, Lavabit got discontinued. Probably because some 3 letter agency asked Lavabit to help them spy on some or all their users but Lavabit flipped them off and closed shop.
The bad thing is that following their instructions I didn’t manage to make SMTP work so I sort of improvised and found a setup for Claws that work. Here how you can have Safe-Mail running in your Tails:
- If you want this setup to be persistent make sure you have enabled persistence on your Tails and that you have setup Claws (the mail client) to persist it’s settings. Instructions on how to enable persistence can be found here: https://tails.boum.org/doc/first_steps/persistence/configure/index.en.html
- Go to https://www.safe-mail.net/ and create a free account.
- Login to your inbox and go to Preferences.
- In the left sidebar click on IMAP/POP and then click on Account access.
- In the pop-up check both IMAP and POP (we won’t use POP so you may try leaving this unchecked).
- Open Claws (Tails’ email client).
- Unfortunately you can’t bypass the wizard so type in these settings when asked: (if your email is email@example.com)
- Your name: xxx
- Your email address: firstname.lastname@example.org
- Server type: IMAP
- Server address: pop.safe-mail.net
- Username: email@example.com
- Password: your safe-mail password
- Use SSL to connect to receiving server (CHECKED)
- SMTP server address: pop.safe-mail.net
- SMTP username: firstname.lastname@example.org
- SMTP password: your safe-mail password
- Leave the SSL settings for SMTP as is, we’ll change them later.
- You may get some errors but don’t worry yet.
- Open menu Configuration –> Preferences for current account.
- Make sure the settings are as shown in the screenshots bellow. Obviously use your own email instead of mine. 😉
- In the last screen you have the option to create GPG key using the default DSA/Elgamal settings. In my opinion you should not use these settings. Instead create your own key with a big RSA key by opening a terminal (click on the black terminal icon on the top bar of Tails) and executing:
- Select (1). RSA and RSA.
- Type 4096 for your keysize.
- Type 0 and then confirm. Your key will last forever. Feel free to choose otherwise if you know what you are doing.
- Real name: obviously don’t type your real name here. Type xxx again. (where xxx is your username in safe-mail.net)
- Email address: email@example.com (again, xxx is your username in safe-mail.net)
- Leave the comment empty unless you want to put some other info that will be visible publicly with your key.
- Type O and press enter to create your key.
- Choose a passphrase to protect your key with. You will need this passphrase to send signed emails or to decrypt emails and files sent to this key.
- Now to publish your key so that people can find it and send you encrypted emails, type and execute:
gpg -a –export xxx@safe > Desktop/mykey.txt
- Go to your desktop and press F5. Double click on mykey.txt
- Select all text and copy it to your clipboard.
- Open Iceweasel (NOT THE UNSAFE BROWSER) and visit http://pgp.mit.edu/
- Paste your key (the one you copied to your clipboard into the Submit a key text area.
- Click on Submit this key to the keyserver!
- You are done! Try sending an email to yourself and don’t forget to click on the Get mail button to retrieve new email.
- To send me an encrypted email you have to import my GPG key first. Download my key: https://smallpeanuts.files.wordpress.com/2013/08/sponsorc.key
- Double click on the downloaded .key file to import it.
- Try to send an email to me. You can see my email on the screenshots above, no need to write it again here for the spambots.
To import a friend’s key that does not have a .key extension, you can rename his key (as he exported it in step 20) into “hiskey.key” and then double click it and Tails will import it. (as you did with my key in step 28) You may also read the comments below to see two more ways to import a key.
If you have any problems applying this to your own Tails leave a comment. If you don’t have any problems applying this to your own Tails, again, leave a comment. 🙂
- Another Secure E-mail Provider Chooses to Shut Down – (dslreports.com)