Email Security - GnuPGP


Active Member
Jun 26, 2004
Hi there,
i would like to know if there is a way to encode email
traffic between a mail server and its clients.

The details:

A client sends an encoded email, the server recieves it, decodes it and then sends it to the recepients address. And the same vica versa. If the server recieves an email for its client, it encodes it. The client downloads the email and decodes it.

I have read a few pages about GnuPGP but i am not sure if i can use it for this thing..

How can i set this up (serverside)?

Thanks & Regards


Well-Known Member
May 18, 2005
I am not sure why you need the system to be as complicated as you describe. All that you need to send an encrypted email is for you and the recipient to have en/decryption software in your mail cient (I'm sure there must be plenty of PGP/GPG extensions to do this for thunderbird) and to have each others public keys.

Your mail client will then encrypt and sign the email contets as you send it. The email will however still have an uncryted header so that it can get sent and delivered. The mail server will treat it as any other piece of email (they don't care about the body) and either relay it to the recipents mail server or deliver it locally. The recipent can then decrypt the body using his private key when it arrives in his inbox.

The mail server does not ever have to worry about doing any encrypting or decrypting of email messages.


Active Member
Jun 26, 2004
Thanks for your reply,
yes i knew about that client side encoding.. I just wanted to know if there was a application that would be able to protect normal emails (not just for certain recepients) on their way to the mail server and from the mail server to the client...
Both the client and the server would know the key.

So that the clients ISP would not be able to read the emails. Actually a protection against ISPs and 3rd party DNS (mail) services.


Best Regards


Well-Known Member
Jun 1, 2002
cPanel Access Level
Root Administrator
But that only protects the email during that small short path from server to client.

This is like putting a postcard in an envelope, so no one can read it while you walk from the kitchen to the mailbox. Then, when the mailman gets it, he opens the envelope, and delivers your postcard for everyone to read.

Where's the security in that?
Seems like smoke and mirrors.


Well-Known Member
Verifed Vendor
Jun 15, 2002
Go on, have a guess
Indeed. The only way to have end-to-end security is to use public/private key encryption of the email text, typically done using the likes of PGP or OpenPGP within the email client (as mentioned by elliotcooper). Anything else is pretty much pointless.