14 May 2018

Statement about eFail email encryption vulnerability.

Today we learned through Electronic Frontier Foundation (EFF) of an exploit known as efail that can compromise the text of OpenPGP encrypted messages through a combination of factors.

Developers at Encryptomatic LLC will be studying this issue in the hours and days ahead and will respond with software updates to Encryptomatic OpenPGP for MS Outlook if mitigation is necessary.

EFF is advising all PGP users to pause in their use of OpenPGP email encryption tools and seek other modes of secure end-to-end communication for now. This would include halting the use of Enigmail in Thunderbird, GPG for Outlook, and Encryptomatic OpenPGP for Outlook. 

26 April 2018

Encryptomatic OpenPGP Add-in for Outlook, version 2.5 released

We've updated Encryptomatic OpenPGP email encryption add-in for Microsoft Outlook! Version 2.5 is now available. Please update through your software [options > settings > check for updates], or download from the official Encryptomatic product website. https://www.encryptomatic.com/openpgp/
This release solves several errors reported by users and improves the user interface.

Screen shot showing how to update Encryptomatic OpenPGP for MS Outlook from within the software.
Update Encryptomatic OpenPGP for MS Outlook

Send any questions to Encryptomatic Support. You can use the "Chat" button on our Facebook page, or aEncryptomatic.com.

27 March 2018

Introducing MailDex Email Management System

Very are pleased today to announce the latest product from Encryptomatic LLC.

MailDex 2018 is a powerful email archiving/conversion system. Whether managing thousands or millions email messages, MailDex will let you find that important 'needle in a haystack' email.

MailDex logo.
MailDex for email archiving, conversion and search.
Try MailDex free for 15 days!

MailDex™ by Encryptomatic® LLC is a Windows software tool for indexing, discovering and converting emails. MailDex works across many different email formats, including Outlook .pst, .ost, and .msg files, and .eml, .mbox, winmail.dat, and .mht files.

MailDex is project driven, so for example, a law firm performing discovery on multiple cases can establish two different projects, preventing the content from mingling, Create an unlimited number of projects. Each project can index an unlimited number of emails. 

Search across one project, or search all of your projects. Email files within a project, or an entire project may be removed from your MailDex index at any time.

Learn more and get a free trail at https://www.encryptomatic.com/maildex/

29 January 2018

MessageExport add-in for Microsoft Outlook is updated.

A new version of MessageExport for Microsoft Outlook has been released.  Version 4.0.124 is now available for download. It includes a number of new features and bug fixes.

When exporting Outlook emails to .msg format, MessageExport can now save email metadata to the Windows file system. These fields include From, To, CC:, Subject, Attachments, Date Sent, and other related fields for which the metadata may be available.  This feature is enabled by default.  

To disable writing metadata to Windows file system, edit the "Export to MSG," profile.  From the Common tab, click the "Export Format" gear, and uncheck the box.

How to disable MessageExport email metadata file system write.
Location of Msg email meta data setting.

Here is the complete list of changes to this release of MessageExport for Outlook:

  1. ME-63: [ADD] Allow more than 50 characters per fields if less fields are being used in the naming schema
  2. ME-39: [ADD] Option to place email at end of pdf file. attachments appear in front.
  3. ME-71: [Fix] Error coming on OL 2010
  4. ME-72: [FIX] ME is disabled on OL 2013
  5. ME-67: [FIX] Error is coming when exporting PDF(Single file)
  6. ME-65: [FIX] Incoming message option skips emails when arriving simultaneosly 
  7. ME-59: [FIX] Automatically suppress or accept saving signed emails.
  8. ME-70: [FIX] Conversion with Attachments converted/included ignores attachments
  9. ME-68: [FIX] attachment missing in resulted PDF when exporting rar file attachment as PDF attachment embedded
  10. ME-69: [FIX] Pop up for folder selection lost when minimized
  11. ME-54: [FIX] Exporting to MSG folder tree crashes the add in and Outlook
  12. ME-50: [FIX] Signed attachment converts to smime.p7m file
  13. ME-49: [FIX] Email removal when failed
  14. ME-29: [FIX] Populate metadata to export
  15. ME-60: [FIX] Export to MBOX files inaccurate count  

MessageExport is an add-in developed by Encryptomatic LLC that helps users transform Outlook email in useful ways.  MessageExport can save messages individually, in bulk or automatically, in may different ways, to many different formats, including PDF, MSG, EML, MBOX, CSV, JPG, and much more.

MessageExport is an add-in for Microsoft Office Outlook 2016, 2013, 2010 and 2007.  Download a free trial of MessageExport at the developer's official product website.

This blog is maintained by Encryptomatic LLC, the developers of MessageExport.

03 November 2017

MessageLock Development is Ending.

MessageLock is an email encryption add-in for Microsoft Outlook . It is the product that launched our company over a decade ago. So it's with some sadness that we announce that we have decided to stop development on MessageLock, and that we will be ending support after 2018.

If you are still using MessageLock, we encourage you to consider moving to the free Lockbin add-in for Outlook. Lockbin makes it easy to communicate securely with anyone.  You can get a free Lockbin account now and decide later if the additional premium services are worth a $4.95/mo subscription.

You can download the free Lockbin add-in for Outlook directly from https://lockbin.com

Why are we ending MessageLock development?
When it was launched 12 years ago, MessageLock made email encryption easier for thousands of Microsoft Outlook users.

Demand for MessageLock has not kept pace with other products that we offer, including an Outlook add-in for OpenPGP, Lockbin, and PDF Postman.  The frequency of Microsoft Office updates have made it impractical to continue supporting MessageLock, given the demand.

Will MessageLock stop working?
No, your copy of MessageLock will continue to work, but it will not be supported on upcoming versions of Microsoft Office Outlook

Is Lockbin.com the only option?
While Lockbin is a great option for communicating securely and has an excellent add-in for Outlook, at a customer's request, we will gladly transfer MessageLock licenses to our other products at no charge, including:

Encryptomatic OpenPGP add-in for Outlook:  www.encryptomatic.com/openpgp

PDF Postman add-in for Outlook: www.encryptomatic.com/pdfpostman

If you have you any questions or suggestions for how we can make your transition from MessageLock easier, please contact us.

24 January 2017

Understanding OpenPGP Public and Private Keys

Email encryption has never been easy. The complexity of encrypting emails has frustrated the adoption of the PGP protocol in the decades since Phil Zimmermann released it to the world.

PGP doesn't work the way most people conceptualize encryption, and has been difficult for most to grasp.  It's easy to fall back on the metaphor of a safe with a single combination that both locks and opens the safe.   It's easy to think of knocking on a door, and someone asks "What's the password." If the password is correct, passage is granted.

If someone steals your password, then they can get into your stuff.  A password that both opens and locks something is called a symmetric key password.  If this password is weak and easily guessed, or if someone you have entrusted the password to isn't careful with it, then you have been defeated.  

Open PGP works differently from symmetric key passwords.  Open PGP is asymmetric.

There are two keys in PGP (actually, there can be subkeys, but lets not go there right now).   One key is public and can be known to the world.  The other key is private, and must be kept secure.

If you were going to send me a PGP encrypted email message, you would need to know my public key. You can use my public key to encrypt files and messages that you want me to see. My public is not a secret. 

In fact, here is my public key.  You can know it.  I have published it to a well known key server so you don't have to keep asking me for my public key.  If you want to send me a secure message, you can use my public key.  My public key is not a secret.

If I want to open the encrypted message that you send me (the message you encrypted with my public key), I have to use my private key.  Only my private key can open a message that has been encrypted using my public key.

That is the beauty of Open PGP.  Public keys can be shared openly. We don't have to worry that someone will overhear me sharing my public key with you.

It's like a safe with multiple combinations.   One combination was published in the newspaper, and lets anyone open a door on the safe and put something in. The other combination is a secret and only lets me take something out of the safe.

How can private key unlock something encrypted with a public key?

Oh, so you're a math enthusiast?  For open PGP to work, you really only need to accept the idea that the keys are mathematically related.  You don't have to understand the math, but you should feel comfortable enough to trust it.  It involves working with very large prime numbers.  But if you're interested in elliptical curve cryptography, you read more about it here.

Why don't more people use Open PGP?

Most people don't send encrypted messages because they don't have anyone who wants to receive an an encrypted message.  Message encryption works best when it happens automatically, behind the scenes.  Unfortunately, until recently many large companies that provided communication platforms did not take protecting your messages very seriously.  There is no email encryption option in Gmail or Yahoo mail.  It's difficult enough just to setup an email client like Microsoft Outlook or Thunderbird.  Then, installing the special software to add email encryption is another level of complexity. Then, generating a PGP key pair (public/private) and sharing the public key.... well, you get the idea.

First people need to be convinced that there is a benefit to complexity.  It's easy to convince ourselves that we, "have nothing to hide," and that nobody would be interested in our email anyway.

An easy way to begin to dabble in encryption is to install and use Signal by Open Whisper Systems. It's free and easy to use. Signal is the best implementation for IM encryption that I have seen.

If you are a Microsoft Outlook user, you're welcome to use Encryptomatic Open PGP add-in. We've tried hard to make it easy to install and use, and it's free for personal use.

Thunderbird with the Enigmail add-in is an excellent choice.

Encryptomatic also operates Lockbin.com.  Lockbin lets you send messages to anyone by email, securely, and puts a buffer between you and the technology.

We hope these tools will help you take back your privacy and allow you to communicate confidently.