Mailpile is an open source e-mail client for Mac, Windows and Linux which has PGP encryption features & key management built in. Mailpile provides local encryption storage for email you retain on your computer unlike most other email clients. Mailpile is not an e-mail service, it is software. It is e-mail client which supports strong encryption. The goal of Mailpile is to make it easy to use PGP encryption. Like Mozilla’s Thunderbird or Microsoft Outlook It is capable of downloading your email from a multitude of online email services and has preconfigured settings for many of the major webmail services.
What is significantly sets Mailpile apart from others is its built with security at the forefront of its design, without the user having to install third party plugins to fulfill encryption and key management needs. First, Mailpile secures your offline email in an encrypted state accessible only by password to decrypt the email. Second, Mailpile uses OpenPGP signatures and encryption which makes it easy to sign and encrypt your email and managing encryption keys. Your encryption keys stay resident on your computer and are not uploaded anywhere.
You cannot of course send encrypted e-mail to someone who does not have an encryption key and software capable of reading and writing encrypted mail. Mailpile is an attempt to remedy this by making an encryption capable e-mail client that you and your colleagues can easily install and use for encrypted email.
Let’s take a look at MailPile:
During setup of Mailpile you will be choose a password for opening and decryption stored in the Mailpile encrypted area. When opening Mailpile you will always be prompted to enter this password.
Start adding your email accounts by clicking on the Add Account button in the center of your inbox:
Add your basic details. You can have Mailpile detect your webmail hosts settings for email sending and receiving:
If Mailpile is unable to detect the email account settings you can enter them manually:
The Security and Privacy area allows you to now associate an encryption key for this newly created account. If you do not have a key pair you can easily generate one here. Mailpile will by default use an ad-hoc, opportunistic model of key distribution and discovery. Public keys will be attached to outgoing e-mail and Mailpile will when necessary search the local mail store for key material before reaching out to key servers or other external services. The trust model will be “TOFU/C”, Trust on First Use/Contact, augmented by historic analysis of observed behavior, with key servers and traditional fingerprint verification as fallback strategies.
You should now be able to download your webmail from your newly configured Mailpile email client:
Composing emails is just like any other client, however using the OpenPGP encryption standard does not encrypt message headers, so the Subject, From and To lines are sent unencrypted.
If you are using Mozilla Thunderbird with plugins such as Enigmail or Outlook, I would definitely try out using Mailpile. It has a great looking & modern GUI, with all of the necessary functions for PGP email encryption built in.