p≡p for Thunderbird¶
This section covers the system requirements, feature list, installation and user-guide of p≡p for Thunderbird.
The following configurations are supported with p≡p for Thunderbird:
Windows 7, 8.1 or 10
macOS 10.14 to 11.2
Ubuntu 21.04, 20.04.2 LTS, 18.04.5 LTS & 16.04.7 LTS
CentOS 8.3, Red Hat Enterprise Linux (RHEL) 8.3
Thunderbird 68 or 78
If you are using the Linux beta release please refer to our additional information in the wiki, especially if you want to install pEp on a Linux OS that is not officially supported.
The following features are available in the latest version of p≡p for Thunderbird:
Encrypt/decrypt emails and their subjects
Store messages encrypted or unencrypted on the server (Untrusted or Trusted Server)
Compatibility with OpenPGP (as a p≡p user you can communicate with users that use OpenPGP)
Passive Mode (public key only attached if the communication partner uses p≡p)
Automated, decentralized key management
Import private keys
p≡p Sync, automated synchronization of keys between all your devices using p≡p
Warning when forwarding previously encrypted message unencrypted
Sequoia PGP as encryption backend
The following languages are supported:
Before you install p≡p for Thunderbird on your computer, we strongly recommend to encrypt your hard disk. On Windows, you could use BitLocker Device Encryption or VeraCrypt. For macOS FileVault is a good choice. With GNU/Linux you can use dm-crypt / LUKS. If you do not want to encrypt the whole disk, we suggest to encrypt at least the directory containing all your databases with keys (on Windows the path is
C:\Users\<user_name>\AppData\Local\pEp, on MacOS it is
$HOME/.pEp/). This is a hidden folder.
The installation is straight forward. Close Thunderbird, before starting the installation. Everything is installed with a few clicks and within seconds p≡p for Thunderbird is active. For Windows it goes like that:
Run the installation file by double clicking on the installer file.
The first p≡p for Thunderbird installation screen will appear. While loading, the installer checks for system compatibility and verifies that you have a supported version of Thunderbird installed.
The p≡p for Thunderbird licensing agreement will be shown. Please read through this agreement and when finished please activate the accept checkbox and click Install.
The installer will now need your permission to continue. This is a security feature of Windows. When the below dialog appears, please enter the administrator password (if required) and click Yes.
p≡p for Thunderbird will now be installed. During installation the progress bar may pause momentarily before it finishes.
The installation is now complete! Please click Finish as shown below to close the installer. Now you can start Thunderbird and begin using p≡p! No further configuration is required.
This user guide gives step by step instructions on how to use p≡p for Thunderbird.
First steps in p≡p for Thunderbird¶
When Thunderbird is started the first time after the installation of p≡p, Thunderbird asks if you want to enable p≡p for Thunderbird (message on the top right). Select “Enable”.
Should this message not appear please ensure that p≡p for Thunderbird is enabled. You can do this by going to Tools -> Add-ons in Thunderbird.
After the p≡p Add-on has been installed and enabled, p≡p is automatically activated for all accounts. No configuration is needed. From now on the ‘Privacy Status’ button is visible when communicating with partners who also use p≡p or OpenPGP encryption functionalities.
Sending Secure Emails¶
After a message from another p≡p communication partner is received and you reply to that message, the Privacy Status in the message will be displayed in Yellow (Secure). You see, that this message will be sent encrypted. Please note, that the very first message between two p≡p users will be sent unencrypted.
Please note that the local part of an email address (left of the “@”) must be treated case sensitive. E.g. email@example.com is not the same as HOLDEN@pep.digital, however firstname.lastname@example.org is the same as holden@PEP.DIGITAL.
For a better usability we encourage you to move the p≡p button further to the left using the customisation dialogue.
For general information about the handshake, refer to Handshake.
To perform a Handshake, the Handshake dialog can be opened by clicking the Privacy Status bar. The following window appears:
After comparing the Trustwords with the communication partner through a separate channel (like a phone call or a meeting in person), select “Confirm” if the Trustwords match. If the Trustwords didn’t match, select “Reject”. When you confirmed the Trustwords, the Privacy Status with this communication partner changes to Green (Secure & Trusted).
Sending a message to multiple people with different Privacy Statuses¶
When sending a message to more than one person, the user simply adds the recipients to the message and clicks on the Privacy Status revealing the following pop-up window:
This dialog shows that one Handshake is pending. The user can click on the email address to perform the Handshake with the communication partner as explained above. After all the Trustwords are confirmed by the users, the communication will be upgraded to Green (Secure & Trusted).
When the communication partner’s Privacy Status is Yellow (Secure) or Green (Secure & Trusted), the e-mail will automatically be sent encrypted when the user clicks ‘Send’. If the user would like to disable protection on a case by case basis, then the user can do so by clicking the Privacy Status icon on the top right of the message.
The Privacy Status as well as the rating for a communication partner will change from Yellow (Secure) or Green (Secure & Trusted) to Disabled with no color and the message will be sent unencrypted when the user presses ‘Send’.
Sending BCC emails¶
Currently, p≡p sends messages unencrypted as soon as there is at least one recipient in BCC (even if keys of all recipients are available).
p≡p for Thunderbird Options¶
This section covers all the options that are available through the user interface of p≡p for Thunderbird. The p≡p options can be opened by selecting Tools -> p≡p Options in Thunderbird.
Store messages securely for all accounts¶
Defines if messages should be saved encrypted or decrypted on the server. If “Store messages securely for all accounts” is checked, encrypted messages will be kept encrypted on the server for all accounts.
When this option is unchecked, you can select for each account, if you want to “store messages securely”.
For more details see Store messages securely.
Enable p≡p privacy protection¶
Defines if p≡p privacy protection is enabled for the selected account or not. For more details see Enable p≡p privacy protection.
Enable p≡p Sync¶
If p≡p Sync is enabled, p≡p will check if other devices are using p≡p with the same email account and try to build a device group. p≡p Sync ensures that all messages can be decrypted on all your devices with p≡p.
For more details see p≡p Sync.
Show a warning when a message loses security through reply or forward¶
Defines if a warning message should be shown, when a formerly encrypted message is forwarded or replied as unsecure.
Enable Passive mode¶
By default p≡p for Thunderbird attaches your public key to every outgoing email. When passive mode is enabled, p≡p doesn’t attach a public key to outgoing messages unless the communication partner uses p≡p. If you already have a public key from your communication partner, p≡p will encrypt your emails by default.
For more details see Passive Mode.
Account specific settings¶
Local Folders - Store messages securely¶
If “Store messages securely for all accounts” (see above) is unchecked, you can define, if messages in local folders should be stored encrypted or unencrypted.
Store messages securely¶
If “Store messages securely for all accounts” (see above) is unchecked, you can define per account, if messages should be stored encrypted or unencrypted.
Synchronize between my devices¶
Defines if the keys of this account are synchronized within your device group when p≡p Sync is enabled.
Enable p≡p privacy protection¶
By default, p≡p privacy protection is enabled and all outgoing messages will be encrypted whenever possible. If p≡p privacy protection is disabled, outgoing messages will not be encrypted. It will by default still decrypt incoming messages. However, the user has the option to also disable “Continue to decrypt messages”. In that case, incoming messages that are encrypted, will not be decrypted and are therefore unreadable. The p≡p privacy protection settings can be changed on a per account basis.
Compatibility options are related to OpenPGP and only affect communication with OpenPGP communication partners.
PGP Key Import¶
In case your device is member of a device group, please proceed with the following steps before starting the key import:
Disable p≡p Sync on all devices of the group before starting the import process.
Import the key on ALL devices.
Switch on p≡p Sync after the manual key import worked on all devices.
This option imports your existing PGP keys and uses them. Only one key can be imported at the time. Click “Browse” to select the key you want to import and then click “Import”.
The key is then set as default key. However, p≡p still manages keys automatically, thus, the key might change in the future (e.g., when doing a reset). Please be aware that you can import only “.asc” files.
After the import p≡p will use your key to encrypt and decrypt messages. Please be aware that p≡p automates the key management and your key may change (e.g. after a reset, when joining a device group or when a key expires). Even if p≡p starts using another key, old keys will always be kept to ensure that all messages can be decrypted.
Use a passphrase for new keys¶
By default p≡p does not use a passphrase for new keys. If you want to use a passphrase for new keys enable “Use a passphrase for new keys”. Once enabled, p≡p will ask for a passphrase when new keys are generated. If you want to create new keys straight away, go to the p≡p Account settings and “Reset All Identities”.
About provides extra information about the p≡p version.
How to Upgrade p≡p for Thunderbird¶
p≡p for Thunderbird checks for new updates automatically by default in random intervals between 10 mins and 4 hours. Once there the new update is available, it’s downloaded and installer will pop-up on the screen asking the user to install it.
How to Uninstall p≡p for Thunderbird¶
If you want to uninstall p≡p for Thunderbird, do the following:
Open the Control Panel
Open Programs and Features
Select p≡p for Thunderbird in the list and Click the Uninstall button.
Follow the prompts and p≡p for Thunderbird will be removed.
After you uninstall p≡p, you won’t be able to decrypt messages anymore. Further, if you didn’t trust your server, existing messages won’t be readable anymore, because they are stored encrypted on the server.
When you uninstall p≡p, the following data will not be removed:
C:/Users/<user>/AppData/Local/pEp(contains all key material and more)
Registry entries in
How to revert to Thunderbird built-in OpenPGP solution¶
To enable it again, reset the preference
mail.openpgp.enable to it’s default value
Those preferences you can find in Thunderbird’s
about:config: Go to
Tools > Options > in the General tab scroll down to the bottom > click Config Editor….