Operation e-mail

2008-10-20T14:51:04Z

E-mail communication is great …if everybody plays by the rules! A synopsis why encrypting is important and html e-mails are evil.

Why the e-mail is dying

The communication medium e-mail's advantages is the fast and easy delivery – nowadays actual worldwide. Also as a mode of group communication e-mail has great potential which in practice is rarely exploited. Though modern spam filters and mail applications made progress in handling our mail routines undesired mails still bother. In this case I do not want to constrain undesired to spam mails, also newsletters or mailing list mails may be of low interest in our daily routines.

Ways to improve our e-mail workflows

Todays mail applications (online as well as offline) have powerful possibilities to filter and sort out incoming mail. This way you can create various inboxes to sort out priorities – at least for the moment. Furthermore you can organize your newsletters in subfolders. As for me, I am subscribed to several interesting newsletters but, honestly I read them sporadically and stacked. The smart filter capabilities are also useful to sort out e-mails of certain topics in mailing lists.

IMAP is a nice way to keep your e-mails available everywhere. Maybe you have the possibility to redirect all your mails to one central mail account. This way you have all your e-mails gathered at one place, automatically filtered by recipient and moved into certain folders you have the possibility to keep different inboxes for different e-mail accounts. Thunderbird and Apple Mail as well as the web-based e-mail application Horde additionally provide the feature of identity management!

But, pst, do not tell anyone so nobody will play fast and loose with it!

Sounds a bit like conspiracy and agents! This way you are able to send e-mails from one account but use different e-mail addresses. Every mail is stored in one IMAP sent folder – no recipient will ever notice you using another e-mail address!

Fine, but where can I configure these identities?

Just a short overview on how to configure these so-called identities in: Thunderbird, Apple Mail, Horde.

Thunderbird: In the menu choose Tools → Account Settings → [account name] → Manage Identities → Add. The rest should be pretty self explanatory.
Apple Mail: Again use the main menu to choose Preferences → Accounts → [account name] → Account Information → e-mail address and insert here a comma separated list of the different e-mail addresses you are going to use.
Horde: After logging in into your web front-end of Horde mail select Options → Personal Information → Edit your Identities. Again, the rest should be self explanatory.

Who is interested in your e-mail?

e-mails provide a lot of possibilities to address e-mails to recipients. There is the to field, the carbon copy- and the blind carbon copy field. Make use of them! It is very convenient, knowing to be directly addressed by an e-mail or just be informed what is going on – be it the scheming way or be it the normal carbon copy way!

HTML e-mails are evil

Some people apparently have giant displays with outrageous low resolution, or they are using magnifying glasses sitting in front of their screens. Otherwise I cannot tell why this Comic Sans comes so damn small and blurry onto my display! There are other useful purposes for HTML in e-mails! Background images and tables – oh, how we all love them.
More than ever I can hardly see any need for markup in e-mails. Like mentioned before, e-mail should stay a fast medium of getting message from A to B, HTML just bloats the filesize thus slows down the transfer. Also there may be problems in quoting HTML mails. I guess colorful text decreases readability in almost 100 % of the cases and markup in general potentially breaks the correct display when viewed with another e-mail client. Attached e-mails are shown inline at the end of the e-mail in most of today's e-mail clients, which besides is convenient concerning scaled display on smaller or larger screens respectively.

No, Apple Mail stationaries did not make that any better!

But there is another reason: many companies try to pep up their services and products by sending newsletters and spam mails containing HTML which – at least for me – resulted in a subtle presumption to have one or another kind of unwanted or not-so important e-mail when receiving HTML e-mails. Of course images are pretty useful for junk mail because possible text cannot be analyzed by any filter. You get the point!

Privacy

There are several reasons why you definetely should encrypt your e-mails. Although nowadays it seems, that personal communication is kinda public interest – everything is communicated using ubiquituous online interfaces, everything is twittered, everybody shows off in facebook or some of its derivations. As if this would have any public benefit! But not enough, the web features more possibilities to promote yourself. Just like the network platforms the blogosphere is stage of vanitas, …uhm, what did I say? Vanity? Guess, both! And despite the many interesting blogs about politics, web development and gadgets the majority of blogs is attended as personal journal – which is a periphrasis for diary.

I think Andy Warhol got it wrong: in the future, so many people are going to become famous that one day everybody will end up being anonymous for 15 minutes.

Banksy – graffiti artist
Bristol, UK

Why has nobody anything to conceal from anybody? I do not want everybody to know everything about me, neither do I want to know most things about people surrounding me. Alright, it is a bit different with my friends. But what about neighbors, fellow students and co-workers? It is really of no interest, which movie I am watching right now, who I am seeing, what I am writing, where I am surfing, which drink I am having at the very moment! In particular, of no interest for my boss or perhaps any kind of administrative authority.
That is one point: politics and administrative bodies. Nowadays we have the special situation of the war on terror. Gosh, I just googled terrorism in order to get this Wikipedia link! Hopefully, nobody will recognize and suspect me to have any sympathy for things like that!

[…] but Mama said it was just a little white lie, it wasn't hurting nobody.

Forrest Gump

Although you got nothing to conceal, you may not want people watching you watching TV or doing this and that now and then. Or why do you ever draw your curtains? Sometimes the idea creeps up to me, that people just do not understand what they are telling everybody on webpages and what they are chatting to individuals on any chatting application! Most people do not seem to have the faintest idea that the internet is public indeed. Moreover nobody knows if we are attending the dawning of a new (perhaps even dark) age during these days of economic crisis and global terrorism. Thus nobody has any clue what will be appropriate in the future and you know anything you say can and will be used against you!

Signing and encrypting

The free encrypting software GNU Privacy Guard (below GnuPG) uses asymmetric encryption which for you results in having two different keys (public and private key) needed to encrypt something. With GnuPG you are able to encrypt files as well as texts. Let us presume we only want to encrypt our e-mail correspondence for this time. Along with your keys you will need the recipients public key for every instance of encrypting. One will need your public key as well, if he or she wants to encrypt something for you! While your public key consequently should be accessible for potential interlocutor of yours, your private key has to be kept as save as possible and only accessible for you, the owner of this key!
Supplemental to the encryption you can sign your e-mails with GnuPG, i. e. everybody may verify if a particular e-mail has been sent from you. If you do not have a receiver's public key, this person would at least be able to check if your e-mail is authentic – if he or she knows what to do with GnuPG signatures!

Pros and cons

Yes, encrypting is great and outclassing. But it also has a dark side. Let me give you some arguments about the merits and demerits:

Advantages

Verification of the e-mails sender
Verification if the e-mail has been altered on the way through the web
Even if your e-mail account gets hacked – your correspondence is save
Nowadays ease of use with various mail clients and plug-ins

Disadvantages

Without a running GnuPG system you are not able to read your mail
Do not loose your private key or you will not be able to read your mails ever again
Your e-mail client is not able to search for specific text in your e-mail archive (however you are still able to search for recipients and senders)
You will not be able to read your e-mails online in your webmail's interface

There is no standard routine how to exchange the public keys, thus to verify the public keys you receive. Best practice would be a personal exchange. One concept to ensure public keys are valid is the Web of trust, which allows you to sign public keys.

It is up to you to appraise these arguments. Since not everybody is using GnuPG you will not be able to send all your messages encrypted anyways. Personally, I try to use it as often as possible – especially for personal data (accounts or access data).

GPG-encrypted mail with ease – Installing GnuPG

Since there is a bunch of very good and detailed tutorials I leave it at redirecting you to some of them:

http://macgpg.sourceforge.net/index.html: Home of GnuPG for Mac OS X
http://www.sente.ch/software/GPGMail/English.lproj/GPGMail.html: GnuPG plug-in for Apple Mail
http://fiatlux.zeitform.info/en/instructions/pgp_macosx.html: Various detailed information on GnuPG usage on Mac OS X
http://enigmail.mozdev.org/home/index.php: Website for the Thunderbird plug-in Enigmail.
http://www.macnotes.de/2007/01/23/tutorial-sicherer-e-mailverkehr-mit-gnupg-mail/: Detailed german tutorial with a lot of screenshots.
http://entouragegpg.sourceforge.net/: Microsoft Entourage plug-in.

These steps are definitely worth the effort, not just, that it is safer to communicate in times of dragnet investigation, perhaps we are able to get rid of these fatuous footer, which tells hundred things to do, if you are accidently chosen as recipient. At least in germany this form of contract is not valid at all. Rescue e-mail&nbps;– keep this medium of mass communication fast, simple and safe.

thefoundation