Hi, I'm Sam Parkinson

PGP for Every Email

Join us in our PGP journey

By Sam Parkinson, 17 February 2017; view other posts

Starting today, we're offering GPG signing for every email sent on LearntEmail. GPG is an email signing and encryption package, probably the defacto standard on the net. Other than Facebook, it is very hard to get marketing/application email sent in a way that is encrypted. But we're happy to change that.

Why PGP?

PGP is the defacto standard for email encryption. There is lots of exciting development in the PGP ecosystem, from Keybase to clients like Mailpile. We're excited to be part of the PGP community.

PGP is pretty good, as per the name. Sure, some people have issues with PGP. But perfect is the enemy of good. It isn't good that pgp software is hard to use, or that pgp doesn't support forward secrecy. But it is good that we have protection for emails.

Perfect is the Enemy of Good Pillow

Perfect is the enemy of good, on a pillow?

How to opt-in

First, find the latest email you've gotten from LearntEmail. You can use the box below to get one sent to you:

Awesome! Please check your inbox and confirm your email.
We'll never spam you

Follow the instructions in the email, and you should find the "manage delivery" page:

Manage Delivery Page screenshot

There you can select your favourite option (sign or encrypt) and hit save. If you are selecting the encrypt mode, make sure to add a public key. You can copy and paste the output from the commandline:

$ gpg2 --export -a [email protected]
Version: GnuPG v2


Then you're done! All future email send via any LearntEmail user will be encrypted or signed as per your preferences.

Make sure to note our public key is 7063 0DDE 9BAB 6342 FA58 A8C3 7033 B9B9 6CEA CDD3 or follow us on Keybase.

Public key management

When we send encrypted email to you, we need to know your public keys. Currently, this means you need to copy and paste them into our "manage delivery" page

Sadly, linking an email address to a GPG key is hard! There is no way to publicly attest that you own an email, since email is not a publishing platform. This means that awesome tools Keybase can't support searching based on emails, since that would require us to trust Keybase isn't lying about what emails it received.

We use a simple solution to the problem at LearntEmail. We already deal with verifying email addresses on a daily basis; it is a core part of email marketing. We leverage that infrastructure to offer a way for you to upload keys. Easy and simple!


Email encryption is more and more important as we face threats from the likes of the NSA. Supporting GPG across our network is LerantEmail's first step towards making email encryption more accessible to everybody.

Every email should be sign or encrypted. Even marketing email.

Comments, thoughts? Mail them to [email protected]. I would love to hear them!

Related posts

View all posts
Local Politicians Meet InfoSec - a Wordpress Disaster
The article that I didn't want to have to write
Read post
SELinux Concepts - but for humans
This is your SELinux dictionary!
Read post
Derivations 102 - Learning Nix pt 4
Taking advantage of the fact Nix is a programming language
Read post
Creating a super simple derivation - Learning Nix pt 3
Wrapping some shell scripts
Read post
So Variables are a Thing - Learning Nix pt 2
Taking advantage of the fact Nix is a programming language
Read post
NSDC 2016 Topics
Digitizing the motions from National Schools Debating Championships 2016
Read post