E-mail Encryption With GPG and Thunderbird
E-mail is one of the most useful areas for encryption – it's nice to not have to treat e-mail as a postcard! – and also the one where it's most important that encryption should Just Work. Enigmail offers a very usable GnuPG plugin to Thunderbird.Tip of the Trade: When it comes to encryption use cases, e-mail is a slam dunk. The downside of its criticality, however, is the expectation that it "just work." iEnigmail offers a usable GnuPG plugin to Thunderbird that makes this possible.
To use it, you'll first need to install GPG (also probably available as a package for your distro), then the Enigmail plugin (download it from the web site, then use the Tools-Addons menu and click Install to find and install the downloaded file).
The next time you compose a message, click the OpenPGP button to be asked if you wish to configure OpenPGP support for this account identity, with various options available to set your defaults.
After this, you can manage your keys and preferences via the OpenPGP menu. Use the Key Management menus to import keys from a file or a keyserver or to generate a new public keypair. From the Preferences menu, you can set how long your passphrase should be remembered. (Be aware of the security risk here!) In the Preferences menu, choose the Expert Options (then close and reopen the menu) to get a huge range of options covering default reply options, fetching external keys, and what keyservers to use. There are supposed to be per-recipient rules available, but I couldn't find this setting on my Mac.
Unfortunately, it's a plugin so you can't install it system-wide, but you can at least use it yourself and encourage your users to use it. Other mailers most notably mutt also have GPG usability, and the GnuPG web site links to plug-ins for several mailers.