Anyone using PGP inbox encryption?

I’m just trying about with free trial. Is PGP inbox encryption actually usable and easy to convert to other provider later on?

The web UI and Mailvelope are slow, so I’m considering only using Thunderbird and third-party mobile apps. Also, I wonder it would work with Simplelogin forwarding with PGP option as I’m already having some problem with Mailvelope.

It’s overall less polished compared to other product and their suite is not so usable as it’s so slow. But i’m considering them because a. unlimited custom domains b. ability to encrypt inbox with own PGP key.


I use Mailbox with their PGP encrypted inbox Guard. Once it is set up it works smoothly. I only use it with Thunderbird or Canary Mail.

Encrypted email forwarding from SimpleLogin does not cause any problems.

1 Like

Here are a few interesting articles about PGP encryption:

1 Like

Thanks for your comment! Do you upload your private key to their server when using Guard?

Guard generates a key pair for you upon activation, which you can later replace with your own PGP keys.

When you use Guard, your keys are uploaded to Mailbox.

You also have the option of not uploading your private key to the Mailbox servers. You can then continue to retrieve your encrypted emails with IMAP or POP3 and read them locally with the email client of your choice and/or the respective PGP program.

Quote from a Mailbox article:
Meanwhile, all encryption keys are kept safe on our servers, managed in a secure environment by our experienced team of IT professionals.

The encryption keys are secured by a password that only the users themselves will know. In other words, our administrators do not have this password and thus, cannot decode any user communication. Decrypting any private key requires the relevant user to log in explicitly, and the protection mechanisms on our servers will make sure that we, the server operators, will never have access to a decrypted key. Our systems are also designed such that any of these keys will never be stored in program memory unencrypted.

1 Like

Thank you for explaining. I went through those articles, but I am new to this and not entirely sure if I have understood everything correctly. My idea is to create my own Curve25519 key locally and then upload only the public key to Guard for using it with Thunderbird. Is the whole point of Guard to simplify the process of creating and attaching a key and automatically decrypting it on the web UI if the inbox is encrypted?

Also, when you say PGP program, are you referring to one of those websites where you register your keys?

1 Like

… and Guard also offers an option for secure communication if your communication partners provide no PGP keys: Mailbox creates temporary mailboxes for external users on one of its servers, in which the respective recipient can read and reply to the encrypted e-mails sent to them.

I mean something like GPG Suite to add PGP support for Apple Mail in macOS.

1 Like

I do this and I use it with Aerc & Notmuch with Mbsync. It works awesome, downloads all my mail in maildir format, indexes encrypted mail which I can search the body of also (because Notmuch can do that), and also get ability to use tags, like Google mail. I use Syncthing to sync it to my server.

Yes that does work. It supports curve25519, and you can use a separate keypair for Guard. Guard requires private key as well though, but you can use a different key for inbox encryption.


Is it possible to import emails and have them automatically encrypted? e.g. if I set up (with inbox encryption) and Gmail in Thunderbird, and copy the emails in Gmail to, I would assume these remain unencrypted.

If you copy them to the Sent folder the filter will do that.

I also use PGP inbox encryption, and decrypt it using Thunderbird. Works great.