In the Posteo webmail interface, you can use genuine end-to-end encryption with the browser add-on Mailvelope.

In this help article, we show you how to install end-to-end encryption in the Posteo webmail interface. You will find out how to create an individual key pair for encrypted communication or import an existing one. In addition, we show you how to send your key to contacts, so that they can write encrypted emails to you.

How to install Mailvelope

Google Chrome users can find the add-on in the Chrome Webstore. For Firefox, you can obtain Mailvelope as a download from the Mailvelope website.

Mailvelope is an open source project and has undergone an independent security audit by Cure53.

You can find out how to install an add-on in the following help articles:

• How do I install a Firefox add-on?
• How do I install a Google Chrome extension?

How to check the installation

After installation, you will see a new menu item in the webmail interface titled Compose and encrypt.

Click Compose and encrypt, to check your installation. If you see a Mailvelope lock symbol in the text field, the installation was successful.

If you do not see this, please check whether you have activated the Mailvelope API for Posteo.

How to create or import a key pair

If you have installed Mailvelope, you will now need a personal key pair. This consists of two parts: a public key, with which your contacts encrypt emails to you, and a private key, with which you can make encrypted emails readable. Never give anyone your private key. This ensures that only you can read your encrypted emails.

Do you already possess an OpenPGP key pair? If so, you can skip forward the How to import a personal key pair section.

How to generate a personal key pair

1. Click the Mailvelope symbol in your browser’s menu
2. Click Options to open Mailvelope

3. Click Generate a key

4. In the Email field, enter your Posteo email address. Choose a password for access to your private key. This should be different to your Posteo password.
   The password protects your private key from unauthorised access.
   Leave the name field empty to protect your anonymity
5. Click Submit

6. Wait until your key pair has been created

Once Mailvelope has created your key pair, you will find it in the Mailvelope key chain.

How to import a personal key pair

Alternatively, you can also import a key pair that already exists to Mailvelope:

1. To do this, click the Mailvelope symbol in the browser
2. Click Options

3. Click Import keys
4. Click Select a key text file to import
5. Select your key file in the format “.asc”
6. Click Import

You have now successfully installed Mailvelope and created or imported your personal key pair. We will now show you how to share your public key with others, in order to communicate encrypted with them.

How to send your public key to your contacts

If someone wants to send you an encrypted email, they will need your public key. Using this, they can encrypt emails to you.

Exporting your public key:

1. Click the Mailvelope symbol in your browser
2. Click Options

3. Open the Key management tab
4. Click Display keys
5. Select your key

6. Click Export
7. Select Public
8. Save the key to your computer by clicking Save

Tip: Save your key in a place that you can quickly and easily find it. Give the file a recognisable name such as Public-Key-John-Example.asc.

Now send the exported key as an email attachment.

1. Write a new email to the person you wish to send your public key to
2. Using Attach a file, attach they key you just saved
3. Click Send

Tip: In addition, you can publish your public key in the Posteo key directory.

Related help articles

• How do I send an end-to-end encrypted email in the Posteo webmail interface and how do I make encrypted emails readable?
• Does my S/MIME or OpenPGP key need to fulfil certain criteria?
• How do I activate inbound encryption with my public PGP key?
• How do I use PGP/MIME on an Android smartphone or tablet?