Most of the commercially available mail servers like Microsoft Exchange, lets the administrator grant policy to themselves or anyone else to access any inbox (read as email accounts) on that server. So, if you are the CEO of the company, and don’t want your legal and finance mails to be looked up by the new IT recruit who happens to have admin access to your email account. Then better use end to end mail encryption. PKI also helps in validating the end user by letting the user sign the mail with his/her key before sending it. Which gives a 100% protection against phishing mails. Hacking and leaking of password is always a possibility. even Hillary Clinton was not spared from it. So, if she would have used end to end encryption for the sensitive emails, then the breach would have just revealed a lot of unreadable scrambled text.

So how to do it?

Simply by using a bunch of open source tools. Available for both Windows and Linux Systems. Here is a quick list.

Thunderbird Enigmail Plugin for Thunderbird GNU PGP A Key server (optional – this is useful to automate the key exchange process in a corporate scenario)