I assumed the company wanted to be able to send and receive encrypted e-mails to a wide variety of correspondents, and didn't want to install a lot of software on each desktop. To test these three products, I created a situation in which a small company had already set up Outlook clients and Microsoft Exchange servers to handle its e-mail and wanted to add a layer of encryption on top of that with as little effort as possible. For this review, I looked at three solutions: Hush Communications' Hushmail for Business, Voltage Security Inc.'s Voltage Secure Network and Connected Gateway and PGP Corp.'s Universal Server. Today, however, there are a number of low-cost, easy-to-use packages that have gotten around these problems in some clever ways. If you sent an encrypted e-mail to some random correspondent who was likely not using any encryption, they couldn't read the message and needed to install the same tool you used to decrypt it. Email messages won’t be encrypted if the “per recipient” setting is disabled under Key Selection, despite other key selection mechanisms like “by email” and “manual if missing” being enabled.Second, the products were designed to work between two people who were using a matched set of the same tools.
“This especially happens if the compose window is not opened for the first time,” another entry on the bug tracker notes.Ī fourth issue that has been addressed can cause an upgrade from Enigmail 1.6 to 1.7 to break encryption. by clicking the yellow key symbol on the bottom-right) the drafts are correctly encrypted before being sent to the IMAP server,” the bug entry notes.Īnother bug can cause an incorrect encryption or signing status message to be displayed when composing a reply. “If the email is manually marked to be encrypted (e.g. This behavior only happens when the system selects an email for encryption automatically based on an existing per-recipient rule or when the recipient’s public key exists in the local key store. If the IMAP protocol is used, the unencrypted drafts can be synchronized with the email server, exposing potentially sensitive information. Another issue causes drafts to be saved in plain text when writing a new email even when the email is marked for encryption automatically.