- Online and Offline mode
Content of message (text and attachments) may be encrypted, so that only recipient for whom the message was encrypted can read it.
Mail client that doesn't support S/MIME standard for encrypting messages will not display such encrypted message. Instead it will show single unreadable attachment.
ProfiMail can decrypt received messages as well as send encrypted messages.
Note: only message content is encrypted. Message headers can't be encrypted, so for example message Subject or list of recipients are always sent without encryption. You may think about this limitation in cases where security matters.
Messages are decrypted automatically when message body is downloaded if there is correct private certificate configured for given account.
As side effect of encrypted format, all attachments are downloaded at same time as message text, so there is no selective attachment downloading in encrypted messages even for IMAP accounts.
Choosing if message will be sent encrypted is performed in message composer. This is done in Send sub-menu by enabling Encrypt message menu item. Note that this menu item is available only if all recipients have valid public certificate configured in certificate manager.
You can see if recipient has associated public certificate by seeing small green “signature” icon next to recipient name, either as you choose recipients from list, or when there are already recipients chosen in message composer.
Encrypting message implies that all recipients must have assigned public certificate, because message being sent is encrypted in such way, that each of recipients will be able to decrypt it using their private certificates.
Regarding you, as sender, you should also have configured your own private certificate for account from which you send message, because if sent message is uploaded to your IMAP account (in Sent folder), it is also encrypted, so if you would not have configured own private key, you could not be able to read the message that you sent.
ProfiMail encrypts message also for you if private certificate is configured, but silently ignores this condition if your private certificate is missing.