How to Encrypt Your Emails in Apple Mail on Mac

Why should I bother encrypting my emails?

I'm sure you've heard about the newest WikiLeaks info that hit the Internet, namely Vault 7. As it happens and to nobody's great surprise, the CIA has an entire arsenal built entirely for hacking into iPhones, iPads, and even AirPort routers. The only good news so far is that it does not look like Vault 7 contains anything to bypass email encryption tools. ProtonMail, an email encryption tool, and service used by many people around the world have been strenuously examining Vault 7. Andy Yen, the co-founder of ProtonMail, said recently that email encryption is still alive and kicking despite the Vault 7 leaks.

As far as we know, the key cryptographic algorithms and techniques used by ProtonMail and other encrypted services continue to be effective tools of encryption. What we should be worried about is the end-user encryption instead. Apparently, the CIA has discovered a way to snoop directly on our devices, but not break the end-to-end encryption of our emails.

How to encrypt your Apple Mail.

Fortunately, macOS Sierra comes with a built-in email client, which has its own encryption. What's more, it's surprisingly good. Apple's Mail supports S/MIME, (Secure/Multipurpose Internet Mail Extensions), right out of the box. S/MIME is one of the safest and most secure standards for email encryption anywhere on the planet. Should you choose to get a Certificate authority (CA) certificate at StartSSL with Safari, you'll be able to encrypt your emails on Apple Mail right away. Don't jump for joy just yet, though. There is a catch. For some reason they decided to make sending an encrypted email from your iPhone is absurdly and unnecessarily complicated.

When you install the certificate directly into Keychain Access, you will be signed in and your emails encrypted automatically.

What if I want to encrypt my emails but I don’t want to use Apple Mail?

There are other encryption options if you don't want to use Apple Mail's encryption or if you prefer to use OpenPGP (Pretty Good Privacy), a good choice is Freron Software's MailMate. MailMate is an IMAP email client with across-the-board keyboard control. It supports Markdown email composition, which is admittedly rather lackluster, but on the other hand, MailMate sports an impressive array of features and tools. MailMate sports automatic signature handling, tagging, and integration with third-party apps. As for encryption, it can easily handle both OpenPGP and S/MIME. You don't have to purchase the app straight away either, there is a 30-day trial of MailMate, after which a single-user license will cost you $49.99, but at least you can try it for free first.

Try ProtonMail encryption.

Another option is ProtonMail, which I talked about at the start of the article. It has a fantastic iOS app, but unfortunately, there's no Mac support. There's a way around it, though. You can access your encrypted email through your web browser while using ProtonMail's web client to send and receive encrypted email. The encrypted messages are stored on ProtonMail's servers located in Switzerland and they're encrypted heavily to keep your correspondence safe. Then they get transmitted the same way to your devices. ProtonMail advanced encryption standards like AES, RSA, and OpenPGP encryption.