Sending emails with an S/MIME signature has 2 advantages:
- It ensures that the sender is really who (s)he says (s)he is (prevents spoofing)
- It ensures that the content of the email has not been changed or tampered with
It is fairly easy to implement and it works with any recipient, as most email clients (including web clients) support S/MIME. Even if a client does not support it, the recipient can still read the mail.
First, you need to get an official certificate for your email address. There are different certificate providers, but you can get a free certificate from Comodo. Go to:
Click on "Sign up now" and enter your first and last name and your email address. Also enter a revocation password.
Click on "Next".
You will now get an email. Click on "Install certificate" in the email. You will get a confirmation that the certificate has been installed.
To be able to use the certificate in the different email clients you might have (web mail, Outlook, mobile device), you should export the certificate now and save the certificate file in a safe place.
As I am using Firefox, the export works as follows:
In Firefox, go to "Options > Privacy & Security", scroll down to "Certificates".
Click on "View Certificates". Click on the "Your certificates" tab.
Choose the newly created certificate and click on "Backup".
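Set a password for the file. You will now see a .p12 file. This file contains your certificate including the private key. Anyone who has this file and its password can sign mail as you, which is why it belongs in a safe place.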
Now you have to import the certificate to your mail client (in this example into Outlook).
In Outlook, go to "File > Options".
Click on "Trust Center > Trust Center Settings".
Click on "Email Security > Import/Export".
Browse to the certificate file and enter the password.
The certificate will now be imported.
You now have to make the certificate the default one for your Outlook account.
Still in the "Email Security" window, click on "Settings", give the security settings a name and choose the signing certificate.
If you want to sign each email you send, you can tick "Add digital signatures to outgoing messages".
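What the recipient's mail client checks for the two advantages listed at the top can be reproduced with the OpenSSL command line. This is an added example, not part of the original instructions; it assumes `openssl` is installed and uses a constructed self-signed certificate for `alice@example.com` and a constructed message instead of the CA-issued certificate.

```shell
#!/bin/sh
# Added example. Key, certificate and message are constructed throwaway values;
# a real setup would use the CA-issued certificate from the exported .p12 file.
WORK=$(mktemp -d) || exit 1

# Create a self-signed certificate for a constructed address and sign a message.
make_signed_mail() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=Alice Example/emailAddress=alice@example.com" \
        -keyout "$WORK/key.pem" -out "$WORK/cert.pem" 2>/dev/null || return 1
    printf 'Please pay invoice 1001 to account A.\n' > "$WORK/body.txt"
    # Default signing is detached (multipart/signed): the body stays readable
    # text, which is why clients without S/MIME support can still show the mail.
    openssl smime -sign -text -in "$WORK/body.txt" \
        -signer "$WORK/cert.pem" -inkey "$WORK/key.pem" \
        -out "$WORK/signed.eml" 2>/dev/null
}

# Verify a message against the trusted certificate. On success, print the
# e-mail address found in the signer's certificate (the authenticated sender).
verify_mail() {
    openssl smime -verify -in "$1" -CAfile "$WORK/cert.pem" \
        -signer "$WORK/signer.pem" -out /dev/null 2>/dev/null || return 1
    openssl x509 -in "$WORK/signer.pem" -noout -email
}

# Simulate a change in transit: alter one word of the clear-text body.
tamper_mail() {
    sed 's/account A/account B/' "$1" > "$2"
}

make_signed_mail || exit 1
echo "original: signed by $(verify_mail "$WORK/signed.eml")"
tamper_mail "$WORK/signed.eml" "$WORK/tampered.eml"
if verify_mail "$WORK/tampered.eml" >/dev/null; then
    echo "tampered: accepted (unexpected)"
else
    echo "tampered: signature check failed, message rejected"
fi
```

Here `-CAfile` trusts the self-signed certificate directly; with a CA-issued certificate the recipient trusts the CA's root certificate instead.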