Posteo Help Help categories Article

How do I install end-to-end encryption for Posteo webmail with Mailvelope (PGP)?

You can use real end-to-end encryption with OpenPGP in Posteo webmail by installing the Mailvelope browser extension.

In this help article we’ll show you how to install end-to-end encryption in Posteo webmail. You’ll learn how to generate a unique key pair for your encrypted communication, or how to import an existing key pair. We’ll also show you how to share your public key with your contacts, so that they can write you encrypted emails.

Contents

  1. Install Mailvelope
  2. Set up Mailvelope
  3. Share public key

Here’s how to install Mailvelope

Google Chrome users can find the extension in the Chrome Web Store. For Firefox you can get Mailvelope on the Firefox Add-ons site.

Mailvelope is an open source project and has undergone security audits by Cure53 and the German Federal Office for Information Security (BSI).

You can find out how to install an extension in the following help articles:

After installation you will see a new menu item in webmail: Compose and encrypt.

Here’s how to generate or import a key pair

Now that you’ve installed Mailvelope, you will need a personal key pair. It consists of two parts: a public key, with which contacts can encrypt the emails they send to you, and a private key, with which you can make encrypted emails readable. Never share your private key. By not sharing your private key, you ensure that only you can read your encrypted emails.

Do you already have an OpenPGP key pair? If so, you can skip ahead to the How to import a personal key pair section.

How to generate a personal key pair

  1. Click the Mailvelope symbol in your browser’s menu.
  2. Click Options to open Mailvelope.
  1. Click Generate key.
  1. Leave the Name field empty in order to protect your privacy.
  2. In the Email field, enter your Posteo email address.
  3. Choose a password for access to your private key and re-enter the password in the next field.
    The password protects your private key from unauthorized access. It should not be the same as you Posteo password.
  4. Uncheck the box next to Upload public key to the Mailvelope Key Server (if you would prefer not to do so).
  1. Click on Generate in the bottom right-hand corner.

Once Mailvelope has generated a key, you will find it in Mailvelope under Key Management. You can now share your public key with contacts.

Here’s how to import a personal key pair

Alternatively, you can also import an already existing key pair into Mailvelope:

  1. To do this, click the Mailvelope symbol in the browser.
  2. Click on Options.
  1. Click on Import keys.
  1. Click on Add file.
  1. Select your key file in “.asc” format.
  2. Click on Import contacts.
  1. Confirm the keys.

You have now successfully installed Mailvelope and created or imported your personal key pair. Now we will show you how to share your public key with others in order to use encryption when communicating with them.

How to send your public key to your contacts

If someone would like to send you an encrypted email, they will need your public key. Using this, they can encrypt emails sent to you.

How to export your public key from Mailvelope

  1. Click the Mailvelope symbol in your browser’s toolbar.
  2. Click on Keychain.
  1. Select Your key.
  1. Click on Export.
  1. Click on Public.
  2. Click on Save.

Tip: Save the key in a place where you can easily find it, and give the file a recognizable name like Public-Key-John-Example.asc.

How to send your exported key as an email attachment

  1. Compose a new email to someone to whom you would like to send your public key.
  2. Click on Attach file and select the key you saved following the steps above.
  3. Click Send.

Done. You have fully set up Mailvelope and shared your public key with others. Learn how to send and read encrypted emails in Posteo webmail here.

You can also publish your public key in the Posteo key directory.

Related help articles