Intro

S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard for public key encryption and signing of MIME data. S/MIME is on an IETF standards track and defined in a number of documents, most importantly RFCs 3369, 3370, 3850 and 3851. It was originally developed by RSA Data Security Inc. and the original specification used the IETF MIME specification with the de facto industry standard PKCS#7 secure message format. Change control to S/MIME has since been vested in the IETF and the specification is now layered on Cryptographic Message Syntax, an IETF specification that is identical in most respects with PKCS #7. S/MIME functionality is built into the majority of modern email software and interoperates between them.

S/MIME provides several cryptographic security services for electronic messaging communication. Some of these include

  • Authentication
  • Message integrity
  • Non-repudiation of origin (using digital signatures)
  • Privacy
  • Data security (using encryption)
  • S/MIME specifies the MIME type application/pkcs7-mime (smime-type "enveloped-data") for data enveloping (encrypting) where the whole (prepared) MIME entity to be enveloped is encrypted and packed into an object which subsequently is inserted into an application/pkcs7-mime MIME entity.

Obtain Email Certificate

COMODO offers free email certificates that are valid for 1 year. Their email certificate application only asks for some basic info including a revocation password in the event you need to revoke the certificate. Make sure to not use Google Chrome because Google has removed key generation from the popular web browser. Instead, I found using Firefox and presumably other web browsers works just fine. When completing the application using Firefox a drop-down dialog message will appear to confirm the certificate was successfully installed.

In Firefox Preferences -> Advanced -> Certificates select View Certificates to open the Certificate Manager. Under Your Certificates we will see the COMODO CA Limited email certificate. Select the email address right below the Certificate Name and then the Backup... button. The format will default to PKCS12. This is the format we want so it can be imported into a mail client such as Mozilla Thunderbird. This also works fine with Microsoft Outlook, Apple Mail as of 10.12 Sierra and probably others.

Thunderbird

With Thunderbird we can go into Account Settings -> Security.

Thunderbird S/MIME

When you click the Select button under Digital Signing the certificate will be found. If you have more than 1 certificate you should be able to select the one you want. Using the above settings will always make outgoing email messages signed with S/MIME.

We can verify an email message gets signed using our proud COMODO email certificate.

S/MIME signed

Intro

Mozilla Thunderbird is a free, open source, cross-platform email, news, and chat client developed by the Mozilla Foundation.

Mozilla Thunderbird is arguably the best Mail User Agent for the desktop. Being an avid user of Email I thought I would list some of the extensions I find makes Thunderbird even better in no specific order.

Adblock Plus

First on the list is Adblock Plus. I really think it's ridiculous to serve ads in Emails, so this works really well for anyone looking to block all those annoying ads. This extension is probably not needed if Emails are read in plain text.

Display Quota

This is a nice extension to display your mail quota. I use quotas on my mail servers and like how this extension will tell you how many messages are in each folder. You can also have it give you a warning when you reach a certain percentage and modify it's appearance.

Enigmail

This is a must have extension all Thunderbird users should have. It does a great job at what it was intended to do - sign & encrypt Email messages. From my experience it has been quite stable.

ImportExportTools

This extension is great for those looking to import or export folders and messages. There are plenty of available options.

Manually sort folders

I'm not sure why Thunderbird does not have native support for manually sorting folders, but this extension really does deliver. You can sort manually or automatically and re-order accounts in the folder pane. Definitely worth having.

Markdown Here

I really enjoy using markdown and just so happen to write my blog using markdown, so thought why not extend support to other apps like Thunderbird. This extension works really well for writing Email messages using markdown syntax.

Send Later

I needed to send an Email at a specific time and found Send Later to exist. I'm glad I came across this extension because it definitely excels at what it does. The caveat is that Thunderbird must be open for it to work, but the support page suggests some solutions.

I originally thought about writing a small script to do this, so decided to write something up that I could easily use on Linux and macOS systems.

#!/usr/bin/env bash

## use the 'at' command to send an outgoing email at a specific time
MAILTO=''
MAILFROM=''
SUBJECT=''
Cc=''
Bcc=''
AT="at 9:00 AM Today" # 'at' expressions: http://www.computerhope.com/unix/uat.htm

MESSAGE=''

# Begin script
$AT <<EMAIL
mail -s "$SUBJECT" -c "$Cc" -b "$Bcc" -r "$MAILFROM" "$MAILTO"
$MESSAGE
EMAIL

# EOF

Sieve

I use pigeonhole with Dovecot for Sieve support on my Linux server. I'm really glad this Thunderbird extension exists. It easily implements the ManageSieve protocol to securely manage Sieve Script on a remote IMAP server. For example, we can set a vacation notice.

require ["body","fileinto","vacation"];
# rule:[Vacation]
if true
{
    vacation :days 2 :addresses "hello@aklein.me" :subject "Out of Office" "Thanks for your message. I am on vacation and will respond to emails when I return.";
}

I want to also point out you can grab the latest Thunderbird Sieve extension on GitHub. I had to use a Development Build because the extension available from the official Mozilla page would hang and never make the initial connection.

So there you have all the extensions worth mentioning that I find make Thunderbird even better. Leave a comment if you have any other useful Thunderbird extensions!