Hi John, I’ve changed my reply a more appropriate Subject Heading.
I’ve just re-read your query and I think you are really just wanting to “sign a message” (use a digital signature). Apple Mail has the capabilities to “Sign or Encrypt” messages. The underlying mechanism Apple Mail employs for signing & encrypting mail is called S/MIME (Secure/Multipurpose Internet Mail Extensions). It’s an industry standard that most other desktop email clients understand, regardless of which operating system they use. (Unfortunately, many mobile email clients, including the ones built into the iPhone, iPod touch, and iPad, don’t currently speak S/MIME.) Extract below taken from “Take Control of Apple Mail in Snow Leopard”: "Signing a message (which can be done with or without encryption) enables the recipient to confirm that the message originated from the person whose email address is on it, and that the message wasn’t altered during transit. Given the huge volume of spam we all receive, and the increasing incidence of fraudulent email, it’s common to get messages with a forged 'From address’. Using digital signatures can solve this problem. It lets recipients know that the person who appeared to send the message really did send it, and that no hacker has surreptitiously inserted ads or malware, or changed the meaning of a legitimate message. If you plan to use Mail’s encryption capabilities (and even, in some cases, digital signatures), you must first make sure the other party has the necessary software and knowledge to work with the messages you send. You can’t just send someone an encrypted message out of the blue, because it may be impossible (if you lack that person’s public key), and even if its possible, it may not be workable (for example, if the other person happens to use an email client that doesn’t support encryption). ----------- WARNING: Because some email recipients can’t handle signed messages (in particular, they cause problems on mailing lists), you should keep the signature turned off except when it’s needed.” ---------------------- If you want to sign outgoing messages, or if you want other people to be able to send you encrypted messages, the first thing you must do is obtain an S/MIME certificate. These come in a variety of forms from a variety of sources. If you work for a large organization, its IT department may be able to issue you a certificate. Most individuals, however, go directly to any of several companies called certificate authorities to obtain a certificate. If you don’t mind paying a good bit of money and going to some bother, you can go through an involved process of proving your identity to a certificate authority and receiving a certificate that includes your name and other identifying information. However, there’s a quicker and easier way to go, with only a modest trade-off: a personal certificate. A personal certificate can be used to encrypt messages just as effectively as any other certificate, but the catch is that the certificate authority certifies only that the email address on the certificate is the same address that was used to request it; the certificate doesn’t include your name or any other personal information. If that’s good enough for you (and it probably is), you can bypass a lot of the hassle and expense usually associated with obtaining a certificate. Several companies offer personal certificates at reasonable prices, but “InstantSSL" (a reseller for Comodo, the world’s second- largest certificate authority) gives them away for free. How to get and install an InstantSSL certificate. 1. Go here <http://www.instantssl.com/ssl-certificate-products/free-email-certificate.html> 2. Locate and click the Get It Free Now! button next to “Free Secure Email Certificate.” In the window that appears, fill in the form with your name, email address, country of residence, and revocation password. The Key Size (bits) pop-up menu should say 2048 (High Grade), the default setting. Click Agree & Continue. 3. Watch your Inbox for a message saying that your certificate is ready—normally this takes minutes (or less). (If the message doesn’t arrive within a half hour or so, make sure it’s not in your Junk mailbox. In this message, click the Click & Install Comodo Email Certificate button. Your default browser should open, download the certificate, and (assuming default settings) launch Keychain Access and import the certificate. (If you’re asked which keychain to put the certificate in, choose Login.) Once this happens, you can quit Keychain Access and close your browser window. SIGN OR ENCRYPT A MESSAGE: The buttons you use to sign and encrypt messages are located in the header area of New Message windows. The starburst shaped one on the right is used for signing messages, and the padlock-shaped one on the left is used for encrypting them. If you don’t see the buttons in the window, first make sure the From pop-up menu is set to an address for which you have a certificate. Click the icon in the lower left corner of the header area and choose Customize from the pop-up menu. Then check the box next to those buttons and click OK. (If the buttons don’t appear, quit and restart Mail, and then try again.) Sign a Message To sign a message, follow these steps: 1. Compose and address a new message as you normally would, making sure to choose the email address that goes with your certificate from the From pop-up menu. 2. Select the digital signature button; when it’s selected, the X inside is replaced with a checkmark . 3. Click Send. If this is the first time you’ve used your certificate to sign or encrypt a message, an alert appears to confirm that Mail may use the certificate in your keychain. Click Allow or (recommendation) Always Allow to grant Mail access to the certificate. That’s it! Mail appends your digital signature and sends the message. How your signature appears on the recipient’s end varies from one email client to another. ----- Warning! Once you select the digital signature button, it remains selected for the next message you send too. Because some email recipients can’t handle signed messages (in particular, they cause problems on mailing lists), you should keep the signature turned off except when it’s needed. If you think you might forget when you compose your next message, choose File > New Message, turn off the signature, and then close the window (click Don’t Save when prompted to save a draft). Mail remembers this setting the next time you compose a message." —— Encrypt a Message: Before you can encrypt a message, you must have the recipient’s public key—which means having the person’s certificate in your keychain. You can check this by opening Keychain Access (in /Applications/ Utilities) and clicking Certificates in the Category list on the left. If the person’s name appears in the list, you should be good to go. If not, ask the person to send you a signed (but not encrypted) message. When you receive it, Mail adds the person’s certificate to your keychain. That done, follow these steps: 1. Compose and address a new message as you normally would. 2. Select the encryption button; when it’s selected, the padlock icon changes to a closed state. 3. Optional, but recommended: also sign the message by clicking the digital signature button, changing it to the selected state. 4. Click Send. If this is the first time you’ve used your certificate to sign or encrypt a message, an alert appears to confirm that Mail may use the certificate in your keychain. Click Allow or ( recommendation) Always Allow to grant Mail access to the certificate. Mail then sends the encrypted (and optionally signed) message—that’s all there is to it. “ A few words of caution, however. Although encrypting a message guarantees that it’s scrambled all the way from your computer to the recipient’s, once it has been downloaded and decrypted on the other end, your message could potentially be read by anyone with access to that computer. So, the safe use of encryption requires both parties to take appropriate measures to protect the decrypted text.” John, there is a lot more information regarding ‘what happens on the other end’, how to ‘Read signed or Encrypted Mail’ in “Take Control of Apple Mail in Snow Leopard”. <http://www.takecontrolbooks.com/snow-leopard-apple-mail> I purchase and recommend all the “Take Control” eBooks or printed. Cheers, Ronni On 08/06/2011, at 7:25 AM, Ronda Brown wrote: > > Hi John, > > Protecting Security Information > > https://ssl.apple.com/support/security/pgp/ > > http://www.gpgtools.org/ > > Secure Email in Thunderbird and Apple Mail with GPG > > <http://chronicle.com/blogs/profhacker/secure-email-in-thunderbird-and-apple-mail-with-gpg/30936> > > Cheers, > Ronni > > Sent from Ronni's iPad > > On 07/06/2011, at 10:14 PM, Winters John <jcwint...@me.com> wrote: > >> >> Wow Neil, >> >> I didn't know how easily that could be done. I had to read the raw source of >> your email to find the "internode" references in the header, but to a brief >> scan it looked really legitimate! Fascinating. >> >> The set up was slightly different in Mail vs Enter-rage but I made the >> switch and managed to unsubscribe my old email address. >> >> Now if I had tried to unsubscribe you (or anyone else) from the list there >> is the protection of a confirmation email to which you must respond that >> would alert you to any skulduggery. >> >> I seem to recall that it is possible to use public key encryption or >> something similar to make it harder for your emails to be spoofed. Is there >> anything like this that can be integrated into and used with Mail on the Mac? >> >> Regards, >> John >> >> On 06/06/2011, at 3:41 PM, John Winters wrote: >> >>> ***NOTE This email was sent by Neil Houghton NOT John Winters*** >>> >>> Hi, >>> >>> The thing about unsubscribing from lists is that the list has to think that >>> the email has come from the email address that you are trying to >>> unsubscribe. >>> >>> The other thing about this is that it really doesn't matter if that email >>> address is still working or not -you can still send an email that uses the >>> old email address as the "from" address - this is a typical trick used by >>> spammers and is the reason why you sometimes get complaints from people that >>> you have sent spam or viruses or whatever - you know you didn't do this but >>> it probably got sent with your address in the "from" field after somebody >>> harvested your address - Peter H touched on this in his answer to the "email >>> hacked?" post. >>> >>> Now doing this to someone elses email address is, of course despicable and >>> reprehensible - however doing it with your own obsolete email address, to >>> unsubscribe it from a mailing list is quite easy and IMHO quite right & >>> proper! >>> >>> To show how you would do this, I have sent this email using YOUR email >>> address - I hope you are OK with this, it was just done to show you how to >>> achieve your goal. >>> >>> The following steps are in Entourage (my email client) - but the basic >>> premise is the same whatever email client you use: >>> >>> Create a new account (Tools/Accounts, select mail, hit new) >>> Select type POP 7 hit OK >>> Give the account a name - I used john test >>> Put your old email in the email address (I used the address from your post) >>> Under Receiving Mail - leave everything blank (you are not trying to receive >>> email with this temporary account) >>> Under "Sending Mail" - put in your normal STMP server (in my case >>> mail.internode.on.net) >>> Hit OK >>> I get a message asking me to fill in the receiving mail details and warning >>> that if I just hit OK I will only be able to send (not receive) emails - >>> which is what I want - so, hit OK. >>> >>> The new account has been created. >>> >>> I write this email and select the new account in the "from" dropdown box. >>> >>> I send the email. I will now immediately delete this test account - so I >>> cannot accidently send any other emails purporting to be from your account. >>> >>> >>> HTH >>> >>> >>> Cheers >>> >>> >>> >>> Neil >>> -- >>> Neil R. Houghton >>> Albany, Western Australia >>> Tel: +61 8 9841 6063 >>> Email: n...@possumology.com >>> >>> >>> >>> on 6/6/11 12:03 PM, Winters John at jcwint...@me.com wrote: >>> >>>> >>>> Actually, >>>> >>>> I have exactly this issue, and I've been receiving duplicate emails for >>>> some >>>> time. >>>> >>>> I had originally subscribed to WAMUG using my ~@mac.com address, then years >>>> later when Apple forced people (subscribers actually) to use the ~@me.com >>>> for >>>> outgoing mail, I changed my "Mail" settings and found that although I could >>>> still receive WAMUG posts on my ~@mac.com address, I could not send to the >>>> list because the ~@me.com emails all bounced as an "unsubscribed" address. >>>> When I later re-subscribed with the ~@me.com I started getting duplicates >>>> of >>>> everything, but I could at least post again! >>>> >>>> If I use the unsubscribe link, from my current email settings, I'll >>>> unsubscribe the NEW listing, and, like Stephen, I can't see a way to use >>>> the >>>> OLD email address as it no longer works. I checked the WAMUG website and >>>> did >>>> send an email to "wamug-own...@wamug.org.au" (which seems to have >>>> disappeared >>>> from the website now) but didn't hear anything, so decided to live with the >>>> duplicate posts. >>>> >>>> So Daniel. If you're the man with the subscribers list, could I ask that >>>> you >>>> scroll through that long list again and delete <jcwint...@mac.com>, please? >>>> >>>> Regards, >>>> John -- The WA Macintosh User Group Mailing List -- Archives - <http://www.wamug.org.au/mailinglist/archives.shtml> Guidelines - <http://www.wamug.org.au/mailinglist/guidelines.shtml> Unsubscribe - <mailto:wamug-unsubscr...@wamug.org.au>
