Thunderbird as a client for your secure web forms

4 min read

Our forms work with all email clients that support PGP encryption. If untraceability is less important to you and Proton feels unnecessary, we recommend Mozilla Thunderbird as a client for our secure web forms instead.

We recommend Thunderbird as a client for our secure web forms if you don't prioritize untraceability and would rather use an email solution other than Proton.

Mozilla Thunderbird is a very robust and powerful e-mail program that has been completely free for many years and looks and works the same on all different computers whether you use Microsoft Windows, Linux-based operating systems or Unix-based operating systems including Mac OS X.

The program is built on open source code, respects your privacy and has built-in support for OpenPGP since version 78.

IMPORTANT! Thunderbird is an e-mail client that you use as a client for your existing e-mail box with e.g. Google, Office365 and other e-mail providers. This means that all email handled by Thunderbird is seen by your email provider. Since the form content is end-to-end encrypted (E2EE), the content itself is protected. However, the transport and some metadata may still be logged by your email provider. Do not use this solution if untraceability is important to you!

To use Thunderbird as a recipient of the form data from our secure web forms:

1. Download and install Thunderbird. If you already have the program installed, check that this is at least version 78.2.1 (always update so you have the latest version of your programs).

2. Create a new e-mail address, or preferably a new e-mail box, with an e-mail provider that will receive form data.

3. Connect Thunderbird to the email account you intend to use as a recipient of the form data. POP3 works but we recommend IMAP for better functionality. Check that everything is working by sending an email to the new address.

4. Add a PGP key pair to the account by going to “Account Settings” > select your account > “End-to-End Encryption” > “Add Key”. If you already have a key pair you want to use, select import, otherwise select “Create a new OpenPGP key”. Follow the instructions, keep the default settings offered. Finish by specifying that the key pair is to be used by the account.

5. Export your public key to a file. To do so, click on “Tools” and then select “OpenPGP Key Manager.” Select the key you want to export in the “OpenPGP Key Manager” dialog box, then click “File” > “Export Public Key to File”.

6. Now you can use your public key in your settings for our secure web forms. In the LITE control panel; open the downloaded file in a text editor, enter the email address associated with the key in the “Recipient email” field and copy the contents of the file with your public key into the “PGP public key” field.

The above instructions are only listed as the steps you need to take to create your solution. Feel free to delve into the articles “How to Use OpenPGP Encryption for Emails in Thunderbird” and “OpenPGP in Thunderbird – HOWTO and FAQ” (which also describes how to replace the Enigmail add-on to the built-in function if you already have Enigmail) before creating your solution.

IMPORTANT! Be sure to use the correct email address for the public key you use for your web forms as they are linked. You cannot use a PGP key pair for any other email address than the one for which the key pair was created.

We also recommend that you use a dedicated email address that is only used to receive form data. Please do not use the same e-mail address that you use to receive form data to, for example, communicate with the person who submitted the form.

IMPORTANT! The exported public key file is a text file that, regardless of the file extension, must be opened in a text editor (such as Notepad in Windows) that displays plain text without formatting when you copy the content. You can’t use your favorite word processor for this.

Scroll to Top