Encrypting Email Messages with PGP

iGolder offers built-in PGP encryption to protect your email privacy.  Receiving encrypted emails is easy: simply visit the page Emails and Aliases and enter your PUBLIC PGP KEY associated with your email address.

 

PGP Email Encryption

 

After you click on the link Set PGP Key, you will see the following window where you can enter your PGP Public Key:

 

Set PGP Public Key 

 

If your PGP Public Key is valid, then iGolder will display the following message:

PGP Key Set Successfully
Your PGP key was set successfully.  An encrypted email message was sent to email@example.com.  If you can read it, it means the encryption and decryption process is successful.  If you cannot read the encrypted message iGolder sent you, simply delete your PGP key by leaving the field blank.

By default, iGolder sends you color-rich email messages in the HTML format.  Uncheck the option HTML (see screenshot above) if you prefer to receive plain text messages because your mail client cannot render (display) HTML messages or your PGP decryption software has difficulties decrypting HTML messages.  iGolder will also send you a confirmation email message each time you change mail format (HTML or Plain Text), so you can see which email format you prefer to read.

 

Reading PGP-Encrypted Emails

If you are new to PGP, you will need to use some special software to decrypt the PGP messages sent to you.  Since we are using Outlook 2007 as our email client, we had to search around to find a good software plugin capable to handle automatic PGP decryption when new email messages arrive.

 

After trying different software packages, we settled for PGP Desktop Email. The price we paid for PGP Desktop Email is a bit hefty, $164, however it was the only software capable to handle an encrypted SSL connection for sending and receiving regular (non-encrypted) email messages.  Most plugins are capable to automatically encrypt PGP messages, however those plugins are incapable to send email messages using a secure connection via SSL.  SSL adds another layer of privacy, since PGP encryption can only encrypt the body content of an email message; it cannot encrypt the email subject, nor the email headers (from, to, cc).  Without SSL encryption, anyone listening to your Internet connection, including your ISP logging your email activity, can easily figure out what is your business.  Also, most emails we send (over 99% of them) cannot be encrypted because we do not know the public PGP key of our customers.  As a result, we wanted a software solution capable to support PGP encrypt/decryption and use SSL encryption for sending and fetching email.

 

Installing PGP Desktop

The installation of PGP Desktop Email is simple and easy:  you download a 30 MB file and the installation is a few mouse click.  Once you reboot your computer, you will see a small icon in the Tray (at the bottom left of your screen).

 

To receive PGP encrypted emails, you need to have a PGP Key so others can use your public key to encrypt messages for you.  There are two keys for PGP: one key to encrypt the message and another key to decrypt the message.  You publish your public key so people can encrypt messages to you, and you keep your private PGP key for decrypting your messages.

 

Generating a PGP Key 

From the File menu, select New PGP Key...

 

New PGP Key

 

Generate PGP Key 

 

For extra security, you supply a password to your private PGP key.  This way, if someone gets a hold of your private PGP key, he still need to know your password to read your email messages.

 

PGP Key Password 

 

After generating your key, PGP Desktop will offer the option to publish your public PGP key to a Global Directory.  You may skip this option and do it later by selecting Publish to Global Directory menu item.

 

Once your PGP Key is generated, it will appear in the PGP Keys section as in the screenshot below.

 

PGP Keys 

 

To send our public PGP key, simply select Copy Public Key which will copy your PGP public key to the clipboard so you can paste it to an email message, or select Export which will save your PGP key to a file having the extension .asc, such as iGolder.asc.  In the example above, the public key for contacting iGolder is:

 

-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: PGP Desktop 10.0.0

mQENBEuUuccBCACz6AsQjJ+ulHUL9Z9xDIHw+dwgmRu6dPHD86u21itAUiM7nenN
p4MGJ8XuPqGfchR76KTscL4DLugI8srfwjbOFuZYGqZzEp9Pr1BfVkI1XRbT/4x2
OUULqjo+BIDJdSm2ZO1DKh2HYTL9iiT4HD12JZ3RUCbcUvfCrFwu8l54Pp7qJxqV
zndJIRpJXQ8M6EV9LcBIf7GLJaq4exq0j1kRCBLTZ763gN8KDGeltq8AvsA0YZes
Awm+XR94XFbdqp9nAb0ZkugKnnYVGSjgO/MiQNP9mCO1mcjr0g3R1ZJSi03HO9va
6FUTVcyxX4ywyHKMAiVQakhmthwuw3TpiXT7ABEBAAG0GmlHb2xkZXIgPGluZm9A
aUdvbGRlci5jb20+iQFtBBABAgBXBQJLlLnHMBSAAAAAACAAB3ByZWZlcnJlZC1l
bWFpbC1lbmNvZGluZ0BwZ3AuY29tcGdwbWltZQcLCQgHAwIKAhkBBRsDAAAAAxYC
AQUeAQAAAAQVCAkKAAoJEPZOydKs2KFleiUIAIhVcQOp5ZCdh1nC5MK0rOZ78J67
Bhy/IExz7nHqcgsp5VC76v2RX2VAtqVtb7o/v3E1cT9/+R1ZaxxKN4wD/hOYatS5
K/gg4GNma5fYnZCIUWdqmLTZo51W4DjHeUuFCoFLfoJQyrrwdVw06cAHfs0GLSh1
01ZmLCd2wiVuaIf+Q0TRo7kyWRAZr0NqlUvLw+oZjdKFCs2kzYTm4U6y1/dn5drr
Agr0N5swfEv2VHcie07PDiYsxNTEpSvmikGu51fUj0w5Tn74lJwCpwrRYPU88j9c
HucGDY3rzcqJywq5AX5HDuND8uuFLwBBJptxWumVLzvSiIXWbPLrnpopAkG5AQ0E
S5S5xwEIAMa43D9wf13F/a+ieTKWGsQ2rWWRjxH50Nc1ncEPj0aLbQygEquls6gJ
6Evl95paD1cdWuB+hRAqF5C4nbFZzDy8QFKQ0XOdc+1EF98dEe3jpWjyf3laYvAT
ow0zNqQxeFYzSG+gQeiUi0G2wJ+YFBTLGVkye8ujaqOtPWZdBe9FKdkMd1LteiVy
rwnHQAyjW6Kn8eXqZ+kjv4bGiM3hVW98BucR8oUqe2xJfUwwBDDlNb1J09vqsKAE
J5Vkrq90FZd0m2n224AhIOXIxT3HVfMnxYV5yJ15z7Nk8b5R79HCCJeX0W423i/S
wM9LpyhXARbm21DWwjDhV8Y+U8zhT7cAEQEAAYkCQQQYAQIBKwUCS5S5yAUbDAAA
AMBdIAQZAQgABgUCS5S5xwAKCRCBYe0ctxtBdNqqB/9Ipr8LcQcmjK95sWu7HPk0
BkM0LEJBGpIgzv9N/3vgQtH7uf19zyr45kUiGmAu0zlzxyGnhTGdgZHJ6AIO0Heb
TdceSCiKYbk81QMeoBc9Z3OtFlcNMOU3xSBzT06yIpnN6vbBuUL0yJm7On2j9pgN
UVRjpdD+VxJbfszitoheyjqBgckHENXRjb6LTtwYi9DNPmZcG822ULKthnkZtV1g
qKP6f9zLkZEy+8TA27Lpet8Qjoxjm4D+I6RWdvTh51jURk0s09Si2ehEEhySd1Sf
ngkP5JF321xhqo5bIOx9OfkSjdR48sN33NbZmxK8SRMF0gA1kH74DVBpo4hPAnpe
AAoJEPZOydKs2KFllnsIAJo3puuq2CFY4c4EWx3xaEpbz/IT2RmLZ0aERkLAbk15
1W1XFXyO4lq6CIx2GwyBNhAgc1cK1r032rJxL237+gkuUnydeWfyPa1NO1GqlBQC
i/gxMKJCNl3N2MueEcc7a4sPWpliLguoToiR54edet/IrvRstwgbyfVcDpdvcQ+f
Nit+jikkx3t1MHMHoqvKxv067Aoh/r8C82mzgXqwdAMOb87M7vTQsmk85bXZehQb
w0SC9XEK7nmfV++WY10DLdseqlmEwWCBHjjs7su7fYO/9oVRzzMuX6OQPzoi1K/R
KINaU6lXrAd3po+eBbPu5v6T0HzRz4QjwGl+7oyUPzw=
=jsGe
-----END PGP PUBLIC KEY BLOCK-----

 

How to Secure Email Using SSL and PGP

By default, PGP Desktop will work flawlessly without any modification to your email client.  PGP Desktop listens to the network ports 25 (SMTP) and 110 (POP).  Any email you send via the SMTP port is intercepted by PGP Desktop, and encrypted if a public PGP key is found, otherwise the email message is sent in clear text as usual.  PGP Desktop is smart enough to replicate the email message to the number of recipients.  For instance, say you send a message to a business partner having a PGP key and CC to someone without a PGP key, then PGP Desktop will send an encrypted message to your business partner and sent an identical unencrypted message to the other recipient.

 

The challenge however is sending PGP-encrypted emails via a secure SMTP port.  If your email client already sends emails via another port than the standard SMTP port, then PGP Desktop may not be able to intercept the message and encrypt it.  Besides, any SSL encryption established by your email client will be also encrypted to PGP Desktop, meaning PGP Desktop will be unable to intercept the email message and encrypt it with PGP.  The solution is to configure your email client to send all the mail through the standard SMTP port 25, and have PGP Desktop to communicate with your SMTP server via SSL/TSL.

 

Email Server for POP3 and SMTPEmail configuration: POP3 and SMTP over SSL 
If you are using other email client, feel free to visit http://webnet77.com/secure-email.html to learn how to secure your email using SSL.

 

According to the documentation, the incoming server (POP3) should use port 110, so PGP Desktop can decrypt incoming emails.  This is optional because PGP Desktop also decrypt emails when you attempt to open a message, so there is no need for PGP Desktop to intercept POP communications.  The benefit of using port 995 (secure connection) is peace of mind in case you exit PGP Desktop and your email client attempts to fetch your new emails.

 

The option This sever requires an encrypted connection (SSL) forces the connection to be secure.  This is what makes sure your POP communication is secure.

 

SMTP Proxy Settings using SSL

Once your email client is configured, you have to configure PGP Desktop to use SMTP over SSL.  In the PGP Messaging, click on Server Settings.

 

PGP Desktop: SMTP Proxy Settings using SSL

 

You will then see a dialog to configure your proxy server.  Make sure you select port 465 for SMTP and Require SSL to force a secure connection.  In the example below, I use the server name www.iGolder.com, so I can reuse the same SSL certificate as for securing the website https://www.iGolder.com.  Therefore, our email connection uses 128-bit SSL encryption which is as secure as when visiting https://www.iGolder.com (with HTTPS).  If you use a subdomain like mail.iGolder.com and smtp.iGolder.com, then you may have to purchase another SSL certificate.

 

 

 

 

Since August 1st, 2013 iGolder is no longer accepting new accounts and balances can only be redeemed. During the past years, we have been recommending Bitcoin more than our own payment system. We believe in physical gold ownership, and developed iGolder as a mechanism for people to acquire physical gold by trading with one another.

Since iGolder has a central point of failure (our server may be raided by thugs wearing some kind of uniform), we feet it is safer for us to cease operations. The iGolder experiment has been personally rewarding as we met many gold enthusiasts and also learned about Bitcoin in the process. For those who have no idea what Bitcoin is, we recommend doing your own research. Bitcoin is far superior to iGolder in every way, both in privacy and security as our server is always vulnerable to confiscation. Bitcoin is a communication protocol with a built-in "escrow service" capable of protecting both the buyer and the seller, rendering our Safetransit completely redundant. To learn more about the Bitcoin protocol and its feature, please watch "http://www.youtube.com/watch?v=mD4L7xDNCmA (Bitcoin 2012 London: Mike Hearn).

For those having gold in their iGolder account, we will ship the physical metal to anyone having more than 1 ounce of gold, assuming the owner is willing to assume the shipping costs. For smaller quantities, we offer to settle in Bitcoin, however we will also settle with any other reasonable payment system. We will give everyone at least two full years (until 2016) to contact us to claim their gold. After that period, any unclaimed gold will go to fund an economic development project in Honduras helping local people to become entrepreneurs.

We sincerely wish you the best in life and hope to keep in contact with you.

Yours in liberty,
The iGolder Team.


Update 2014: Since we announced we no longer accept gold transfers, we have received countless emails asking to keep the free gold charts and the PGP encryption tools. We plan to keep running the domain iGolder.com for both the gold charts and the encryption tools. Better, we are developing state of the art open-source software for a secure decentralized social network with a built-in wallet. We will announce when we have a product ready for use. Stay tuned!