Evolution

What is Evolution?

Evolution is the official personal information manager and mail client for the GNOME Desktop Environment. It is Free and Open Source Software, licensed under the GPL.

It is usually distributed with the GNOME Desktop Environment with linux, making it likely available either upon installation of a Linux distribution that uses GNOME, such as Ubuntu, or available via your distribution’s Package Manager. Evolution is also available for Windows.

Evolution includes support for email, calendar, address book, contacts, and GPG encryption.

Install Evolution

  • Debian/Ubuntu Linux: Most likely, evolution is already installed. If not, sudo apt install evolution
  • Windows: Download and install the windows version.

Setup a New Account in Evolution

  1. Start Evolution (e.g. Press Alt+F2 and enter: evolution)
  2. If you’re running Evolution for the first time, you will be asked if you want to restore your settings from a backup file, if you have one.
  3. Enter the name you wish to have appear in the From field to your email recipients along with your email address. You may also choose to make this your default account in Evolution.
  4. Enter the following information to receive email for a riseup.net account:
    Server Type: Choose either IMAP or POP. What is the difference between IMAP and POP email servers? %>
    Server: mail.riseup.net
    username:
    Use Secure Connection: TLS is recommended
    Authentication Type: Password
  5. The next screen has 4 sections. Connection to Server and Folders can be safely ignored. Enter how often you want evolution to automatically check for new emails in minutes in the Checking for New Mail section, or unchecked to only check for email when you manually instruct Evolution to do so. The Options section allows you to apply spam filtering to your incoming email and to automatically keep local copies of your email to enable disconnected access (applies to IMAP only).
  6. Enter the following information to receive email for a riseup.net account:
    Server Type: SMTP
    Server: mail.riseup.net
    check Server requires Authentication
    Use Secure Connection: TLS is recommended for security reasons (StartTLS and SSL are easily compromised).
    Authentication Type: PLAIN
    username: foobar
  7. Give the account you’re creating a name. This is only used for your reference when managing multiple accounts in Evolution and is not disclosed to recipients of your emails.
  8. Click Apply

You’re finished! You now can use Evolution to send and receive email through Riseup’s servers.

Enhance your email security

  • N’activez pas mots de passe sécurisés ou authentification sécurisée. Elles sont quelque peu mal nommées. Ces méthodes pour spécifier des mots de passe nécessitent que le serveur courriel garde une copie en clair de votre mot de passe. Nous considérons que c’est un risque de sécurité, donc nous ne permettons pas les “mots de passe sécurisés.” Comme la connexion à riseup.net est chiffrée de toute façon, ce n’est pas nécessaire.
  • Chiffrez vos courriels ! Pour améliorer la sécurité des messages utilisez Courriels cryptés.
  • La connexion sécurisée peut-être de type TLS ou StartTLS. Pour des raisons de sécurité, nous ne supportons plus SSL. Vous ne devriez pas utiliser StartTLS. À la place, il vaut mieux utiliser le TLS standard. Pour une sécurité supplémentaire, allez dans les paramètres de votre compte et changez le type de connexion de StartTLS vers TLS.
  • Il y a de nombreuses vulnérabilités avec comment les connections sécurisées marchent. Si vous avez besoin d’une sécurité élevée, vous devriez toujours vous connecter aux services Riseup en utilisant le VPN Riseup. Cela devrait éviter une longue liste de potentielles attaques contre vos communications.
  • Pour améliorer la sécurité de votre connexion vous pouvez utiliser Tor pour vous connecter aux services .onion de Riseup avec IMAP et SMTP. Regardez les adresses mail.*.onion et smtp.*.onion correspondantes dans la page en lien et remplacez mail.riseup.net pour chaque serveur. Note: * Le port SMTP 465 est souvent bloqué par les nœuds de sortie, mais le port 587 est moins fréquemment bloqué. Si vous avez un problème pour envoyer un courriel, essayez le port 587 ou configurez votre client pour utiliser les services cachés courriel de Riseup à la place du domaine habituel mail.riseup.net. C’est mieux que d’envoyer votre trafic à travers une sortie Tor car c’est résistant aux attaques MITM mais cela peut causer des problèmes de certificat côté client.

Setup OpenPGP Encryption in Evolution

All that’s necessary to work with encrypted emails in Evolution is to tell Evolution the OpenPGP KEY ID for your account and then to select encryption every time you send an email.

  1. First, Generate a OpenPGP Key pair, if you haven’t done so already.
  2. Go to EditPreferences
  3. In the Mail Accounts section, select the account you wish to link to your OpenPGP key and press the Edit button.
  4. Click the Security tab.
  5. Enter your OpenPGP KEY ID (See the Howto on OpenPGP Keys to find your KEY ID). Select Always encrypt to myself when sending encrypted messages; this encrypts the copy saved in your Sent folder on the email server with your own key so you are able to decrypt it later. UNCONFIRMED!!! Always trust keys in my keyring when encrypting enables you to communicate with people in your keyring whose keys you haven’t signed. You can ignore the Secure MIME section. Please note: “Always sign” is not the same as “Always encrypt”; signing an email is different from encrypting it and does not make the message unreadable to third parties.
  6. Click OK

You are now able to encrypt and decrypt emails in Evolution!

Send Encrypted emails

  1. Compose a new email
  2. Select SecurityPGP Encrypt

The email you’re composing will now be encrypted upon being sent! You can always verify that your email is going to be encrypted by going into the Security menu and seeing if there’s a checkmark next to PGP Encrypt.

Unfortunately, there currently doesn’t appear to be any way to enable encryption by default either globally or per contact, meaning that every time you want to encrypt an email to someone, you have to go to Security → PGP Encrypt to enable encryption, otherwise your email will be readable by third parties.