Encryption in Apple Mail: How to improve security with PGP

Protecting your email communications has become increasingly important as cyber threats and data breaches increase. Apple Mail offer encryption, but there are ways to further improve security, for example through PGP (Pretty Good Privacy). In this article, we’ll go over how encryption works in this email service, how you can improve security with PGP, and how to use Apple Mail as a client for our secure eForms.

Show subscriptions
Apple Mail with PGP End-to-End Encryption

Apple Mail, the default email client for macOS, is a popular email client, but are like most other similar services, a major source of data collection for various purposes. Apple, like all other providers, are required by local legislation to provide authorities with access to data.

Apple offer some encryption. But as always, whoever has access to your private keys has access to your encrypted data.

Therefore Apple Mail do not offer truly secure email, but can be used as clients for our eForms if a third-party PGP extension is installed. These extensions provide the ability to send and receive PGP end-to-end encrypted (E2EE) emails with any email client that supports PGP.

 Do not use this solution if untraceability is important to you! We recommend Proton Mail instead if our service is used as a whistleblower channel!

What Is PGP and Why Use It in Apple Mail?

PGP (Pretty Good Privacy) is a data encryption and decryption program that provides cryptographic privacy and authentication. It is widely used for securing emails, ensuring that only the intended recipient can read the message.

Apple Mail, the default email client for macOS, does not include built-in PGP support. However, you can integrate it using third-party tools like GPG Suite, which seamlessly adds OpenPGP encryption to Apple Mail.

Prerequisites

Before you begin, ensure you have the following:

  • A Mac computer running macOS.
  • Apple Mail set up with your email account.
  • An active internet connection.
  • A PGP key pair (if you don’t already have one, we’ll guide you on creating one).

Step 1: Download and Install GPG Suite

The easiest way to integrate PGP with Apple Mail is by using GPG Suite, a package that includes GPG Mail, a plugin specifically designed for Apple Mail.

  1. Go to the GPG Tools website https://gpgtools.org/ .
  2. Click on Download GPG Suite and save the file.
  3. Open the downloaded .dmg file and follow the installation instructions.
  4. Once installed, restart Apple Mail.

Step 2: Generate a PGP Key Pair

If you don’t have a PGP key pair, you’ll need to create one using GPG Keychain, which is included in GPG Suite.

  1. Open GPG Keychain from your Applications folder.
  2. Click New to generate a new key pair.
  3. Enter your name and email address.
  4. Set a strong passphrase to protect your private key.
  5. Click Generate Key and wait for the process to complete.
  6. Once done, your new PGP key pair will be listed in GPG Keychain.

Step 3: Import or Share Your PGP Key

If you already have a PGP key, you can import it into GPG Keychain:

  1. Open GPG Keychain.
  2. Click Import and select your existing PGP key file (.asc or .gpg).
  3. Your key will be added to the keychain.

To share your public key so others can send you encrypted emails:

  1. Select your key in GPG Keychain.
  2. Click Export and share the public key (never share your private key).
  3. Optionally, upload your public key to a key server for easy access.

Step 4: Configure Apple Mail for PGP Encryption

After installing GPG Suite, the Apple Mail app will automatically integrate with PGP.

  1. Open Apple Mail.
  2. Compose a new email.
  3. If GPG Mail is installed correctly, you will see a lock icon in the email toolbar.
  4. Click the lock icon to encrypt the email (you must have the recipient’s public key).
  5. Click the pen icon to digitally sign the email (this proves the message came from you and wasn’t altered).
  6. Send the email as usual.

Step 5: Decrypt Incoming PGP Emails

When you receive an encrypted email:

  1. Open the email in Apple Mail.
  2. If you have the correct private key, GPG Mail will automatically decrypt the message.
  3. If prompted, enter your passphrase to unlock your private key.
  4. The decrypted message will be displayed in Apple Mail.

Troubleshooting and FAQs

1. What if I don’t see the encryption or signing options in Apple Mail?

Ensure that GPG Suite is installed and Apple Mail is restarted. You can also check Mail > Preferences > GPG Mail to confirm that the plugin is enabled.

2. What happens if I lose my private key?

If you lose your private key, you will no longer be able to decrypt emails sent to you. Always create a backup of your private key and store it in a secure location.

3. Can I use PGP encryption on iPhone or iPad?

Apple Mail on iOS does not support PGP encryption natively. You can use third-party apps like PGP Everywhere or iPGMail to encrypt and decrypt emails on your iPhone or iPad.

Summary

Adding PGP support to Apple Mail is a great way to secure your email communication. By using GPG Suite, you can easily encrypt, sign, and decrypt emails, ensuring that your messages remain private and authentic. Follow the steps in this guide to set up PGP encryption on your Mac and protect your digital correspondence.

Apple Mail with PGP support works well as a client for our secure eForms provided that the forms do not require untraceability, eg if used as a whistleblower channel, use Proton Mail for this instead.

For further security, always keep your private key safe, use strong passphrases, and encourage your contacts to use PGP encryption as well. Stay secure and keep your communications private!

Scroll to Top
Privacy Overview
ANON::form logo

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

Strictly Necessary Cookies

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.