Comodo are proud to announce the first beta release of Comodo SecureEmail. We are making this beta available for testers and general users alike and look forward to hearing your comments and suggestions on our forums.
Comodo SecureEmail Beta 1, all subsequent beta versions and the final release version will each be available free to both home and business users (only certificates will be charged for commercial use, the software is free). Personal use everything is free
Comodo Secure Email: Brief Overview
A major problem with current e-mail encryption systems is securing e-mail to recipients for whom a public key certificate is not present on the system, either because the system just does not have the recipient’s certificate installed or the recipient does not have a public key certificate. This poses a security issue because e-mail can never be encrypted unless both parties had first exchanged public keys via digitally signed emails. Also, many users never bother to obtain a digital certificate and therefore never adopt the practice of securely encrypting their email communication.
Comodo SecureEmail overcomes this traditional restriction of secure messaging by automatically generating a unique; ‘single-use’ session certificate to encrypt outgoing emails to recipients whenever an email certificate is not present on the system. The application also contains a built in wizard that offers fast and easy sign-up and installation of Comodo Free Email certificates.
Current Feature Set:
Encrypt e-mail for contacts where a digital certificate for that contact is not present on the system
Encrypt e-mail for contacts where a digital certificate for that contact is present on the system
Enable encryption for those e-mail clients that don’t have e-mail encryption in their feature set, such as IncrediMail and others, plus support for automatic signing and decryption to come in future versions
Allow users an easy sign-up with automatic collection and installation of Comodo CA’s Free E-mail Certificates
Update contacts who have sent a temporary one-use e-mail to you, with your current e-mail certificate via a Credentials Update E-mail
Can be configured to automatically install credentials found in Credentials Update E-mails
Operating System: Windows 2000/Windows XP
Supports Microsoft Outlook, Outlook Express and Thunderbird
I installed and applied for a certificate, then got an email saying my certificate was installed. The email I received contained 2 attached gif files. But nothing else.
On inspecting certificates in IE, Firefox & thunderbird - I find none. On running the program “configure secure email”, it tells me that I don’t have a cert and asks me if I want to apply for one. So, I applied again, got another email… but with the same result. My email account in thunderbird is the same as the email address under which I applied for the cert.
Now its quite possible that I’m missing something, email certs are completely new to me.
btw…The link in the email, that was supposed to take me to the help area for setting up certs in programs, took me to the beta download page. I couldn’t see an obvious link to the information… now its quite possible that i’m being a bit dull… !!!
Thank you for taking the time to reply… your reply will be very useful when I actually receive a certificate! (:SAD)
Firstly, I don’t use outlook express at all. It is on my pc, but is not set up at all. I have IE7, Firefox and Thunderbird, all the latest versions.
After installing the comodo software, following all the instuctions etc, getting an email back saying I’m good to go… I then go in either via thunderbird or IE, or Firefox to try and find a certificate. The problem is that there just isn’t anything there. In fact, on re-running the comodo software from start/programs it tells me that I don’t have a certificate yet and I should get one by signing up. Which I then do, but with the same result.
Note that on first running thunderbird after installing the certificate software, I do get some pop ups asking me if I want my email folders to be checked for encrypted emails, to which I say yes. So the software is doing something, but just not giving me a certificate!
Something clearly isn’t working for me. (:SAD)
I’m currently running AOL AVS - active virus shield - (whilst waiting for CAVS to be sorted!! I tried the beta but had too many issues), and SSM. I exited SSM when installing the certificate software… so this isn’t the issue. I’ve also tried enabling active-x in thunderbird and disabling email anti-virus operations by AVS. But it made no difference.
My email provider is gmail, i’m collecting email via their pop server. Maybe it is something going on with them?
Um…!!! Nice find…but…! The cert is not there when i look for it with IE… which i guess looks where ever windows stores them…??! And… the comodo program itself tells me that I have no cert when i re-run it.
btw - i’ve applied for and received confirmation emails for at least 6 certs! And I have not been successful at installing any of them…
Question? does comodo send more than one cert for any single email address? Perhaps things went wrong the first time and ever since then I’ve not been sent a cert because I’ve been applying under the same email address??? Donno!
Firstly, I’m sorry to hear that you have had problems with SecureEmail Beta. I’d like to just clarify that it is a Beta and therefore is not without issues and has not completed testing to full maturity.
It seems that on your PC, SecureEmail Beta is failing to detect/install the e-mail certificate sent back from our Comodo CA servers.
Roy, are you using a web based gmail account or a Windows based e-mail client? Also could you tell me what ports you are using for POP and SMTP, are these 110 and 25 respectfully?
Here is a small work around for you. I know this is not exactly what we intended but in the mean time please can you use the web based e-mail sign-up facility to obtain a FREE Comodo e-mail certificate. Go link below and click on “GET YOUR FREE CERT NOW !” button.
The web process will then send a collection code to the e-mail address you have entered with instructions for how to download the e-mail cert. This should get SecureEmail working for you.
The certificate sign-up process (for those who want to know more):
The certificate sign-up process involves something called a Certificate Signing Request (CSR).
A CSR is generated on your computer and sent to the Comodo servers for formatting into the certificate standard and signing. During the CSR generation process a public and private key are generated. The private key is stored in the registry on your computer ready to be linked to your certificate once you receive it from Comodo. The public key is placed in the CSR which you send to Comodo CA’s servers. In the above link, this whole process is done via script on the web page by using a control shipped with Windows.
Once Comodo has signed the certificate you need to collect and install it. A collection code is e-mailed to your e-mail address to authenticate it and the collection code must be entered into the web page given in the e-mail’s instruction, to download and install the certificate. The certificate is installed by script on the web page using the same control shipped with Windows.
SecureEmail’s sign-up wizard does the same thing as above but SecureEmail will (unless you are Roy, sorry Roy) auto detect the collection code in the e-mail you receive, download the certificate and install it automatically.
I’m aware that this is a beta…with all that that means… which is why I tried it !!!. I’ve been a happy CFP user and like to try your new stuff - contributing when I find an issue. Which is what I’ve been doing here. If you have any questions about my setup, then let me know. I’m happy to help you work out what the issue is.
I’ll give the web-based sign up system a go a bit later today…
My default email system is thunderbird, via gmail pop. I’ve set thunderbird up as per gmail instructions - the set up is…
pop - port 995, SSL
smtp - port 25, TLS
I’ve CFP, and AOL AVS running. I also have SSM running, unless I’m installing something. It was disabled when i used your email cert program.
tried the web method and now have a certificate installed. I had to use IE to achieve this, as your web page didn’t work with firefox - it wouldn’t go past the first step in the sign up. Anyway, i installed the cert in IE, exported it and installed it in Thunderbird.
Interestingly, in signing up it did not object to my email address. Which, if i read it correctly, means that a cert was not sent out previously for this address. One of your FAQs on your website talks about the fact that you can not get 2 certs for 1 email address.
So, this may help you in trying to work out why it didnt happen for me??
Anyway… I’m gonna play around with my cert now! Thanks for your help.
Right then…next update!! I can now send a non-encrypted, signed email (!). This works without the program installed.
Next step to re-install the cert program…no problems there, it found the cert, asked for a re-boot and that was it.
Next to try and send a signed & encrypted email… no joy.
basically what happens is that i press “send” and the pop up appears, saying that it is connecting, but nothing happens, thunderbird cannot send the email. Upon cancelling the email send from thunderbird, the comodo email program does not terminate. I had to click on the X to get rid of the pop up.
I guess it does not work with smtp ssl, which is gmail’s outgoing email setup. If I turn ssl off it the comodo program detects a non-encrypted email & starts doing its thing. But unfortuately, with ssl off I can not connect to the server.
I have to use Socks5 in my email client (Thunderbird) to be able to use it behind the company’s firewall and to stay anonymous but if I specify Socks5 in TB, CSE doesn’t touch my incoming nor outgoing emails. Any chance to enhance it (while it is still in Beta) to include Socks5 support?
Not using this Socks5 option gives me the same problems as reported by Roy…so, I’ve uninstalled it again.
What surprises me too is that since March 19 there was no reaction on this post…does that mean that this product is going to get the lowest attention/priority?
When I first Installed CSE I could not get cse to load my first DIgital Cert. and had to follow these instructions
After that CSE has seemed to load the other Certs. Just fine …or so I thought
Google will not download Email from Gmail any more my other accounts work fine
Connecting to wx-in-f109.google.com
The connection to your email server was lost …
Error code 0021[/b]
My Real Questions are:
[b]If you send a key (smime.p7s) with email what is to keep this from being intercepted and use by anyperson to decript the mail not only the intended receiver?
Or is this only meant to guarantee the send is who thy say they are[/b]?