1. Overview

iSecureMail is an e-mail application which supports encryption. Users can read and compose unencrypted e-mail messages. In addition, users can read S/MIME and GPG encrypted messages that they have received. Composing GPG or S/MIME encrypted messages is also supported. Message signing is not fully supported: support is limited to reading messages which are signed only and not encrypted. The sender must ensure that their e-mail client is configured to send signed-only messages as clear text.

iSecureMail has context-sensitive help. To get help for any given screen, tap and hold its title in the navigation bar.

2. Features

iSecureMail provides the following features:

  • Receives and views unencrypted e-mail messages
  • Receives and Decrypts SMIME and GPG encrypted e-mail messages
  • Message compose for unencrypted and GPG/SMIME encrypted e-mail messages
  • Supports POP3, IMAP4 and Exchange Web Services e-mail protocols
  • Support for multiple email accounts
  • Provides email header fields including To:, From:, CC:, Bcc:, Subject:, timestamp, text body, and attachments
  • Supports the use of native viewers for attachments
  • Downloads the entire email, not just the headers
  • Provides encryption key management (import and export)
  • Ability to create key rules
  • Provides a file organizer to facilitate attachment management

3. Mailboxes Screen

This is the default screen which is displayed when the application first launches. It allows the user to select an account to work with. It also contains the Settings button, which lets the user modify the application's settings. At the bottom of the screen there are 2 buttons: the file organizer button to the left and the compose mail button to the right.

When composing e-mail from this screen, the From account will be the last account which was viewed since the application was launched. If no mailbox has been accessed since the application launched, the first defined account will be used as the From account.

If no e-mail accounts are defined, the only available item on the screen is "Add Account..." so the user can define an account.

4. Settings Screen

This screen provides 3 groups of settings: General, GPG Key Management and SMIME Key Management.

General:

  • Each configured account has a line with its description. Tapping it allows the user to change that account's settings.
  • Add Account... lets the user add an e-mail account.
  • Other contains other miscellaneous settings like the pass phrase timeout and the default encryption settings.

SMIME or GPG Key Management:

  • Public keys is used to view and manage the public keys.
  • Secret keys is used to view and manage the secret/private keys.
  • Key rules lets the user pre-define mappings from e-mail addresses to encryption keys, which will be used to send encrypted messages. Note that most SMIME clients have only limited support for key mapping, so unless there is a well understood reason to define an SMIME key rule, SMIME key rules should not be defined.
  • Remove keys removes both the public and secret keys. This is useful should the keys become corrupted.

5. Email Account Settings Screen

This screen contains the fields for configuring the connection to the email service provider. This screen is displayed during the initial configuration and when tapping Settings > Email Account on the Inbox screen. It contains the following parameters:

  • Description

    This is a description entered by the user that will be used on the mailboxes and settings screens to identify the account, e.g. "Work e-mail."

  • User

    This is the user name/ID of the account. This is usually the user's email address, e.g. steve@apple.com.

  • Email Password

    This is the password for the user's email account.

  • Protocol

    Specifies whether the email account service provider uses the Post Office Protocol (POP3), the Internet Message Access Protocol (IMAP), or Exchange Web Services. Check the email account service provider's documentation for this setting. The default setting is "IMAP".

    Exchange Web Services is a feature of Microsoft Exchange available in Exchange 2007 and later. This feature is not turned on by default in the Exchange server, so if you are experiencing problems connecting, please contact your system administrator to ensure that the feature is enabled on the Exchange Server.

  • Max messages

    When connecting to the email service provider, iSecureMail will display up to this number of messages. The default setting is 50. A setting of 0 will display all messages in Inbox. The maximum number allowed in this field is 99999.

  • Incoming (POP or IMAP) Server

    POP3/IMAP4 only option. This is the internet host address used to fetch email inside your mail client. The name often starts with "pop", "imap" or "mail". Check the email account service provider's documentation for this address.

  • Port

    POP3/IMAP4 only option. This is the port number the incoming mail server listens on. Check with the email account service provider's documentation for this port number.

  • SSL

    POP3/IMAP4 only option. Specifies whether the incoming mail server uses the SSL (Secure Sockets Layer) secure communications protocol. If the user selects ON, the SSL protocol is used. If the user selects OFF, SSL is not used.

  • Outgoing SMTP Server

    POP3/IMAP4 only option. This is the internet host address used to send email inside your mail client. The name often starts with "smtp" or "mail". Check the email account service provider's documentation for this address.

  • Username

    POP3/IMAP4 only option. This is the SMTP user name/ID needed to send messages. This is usually the user's email address, e.g. steve@apple.com.

  • Password

    POP3/IMAP4 only option. This is the password for the user's email account.

  • Port

    POP3/IMAP4 only option. This is the outgoing SMTP server port. Check the email account service provider's documentation for this port number. Common port numbers are 25 for non-SSL and sometimes SSL communication, and 465 and 587 for SSL communication.

  • Connection Security

    POP3/IMAP4 only option. Specifies the type of connection security the outgoing mail server uses. One can specify no security, SSL/TLS or StartTLS secure communications depending on what the server supports.

  • Exchange Server

    Exchange only option. Specifies the IP address or name of the Exchange server, e.g. exchange.muycompany.com

  • Email Address

    Exchange only option. Specifies the e-mail address of the Exchange account.

  • Clear Cache button

    This button is only available when editing a defined account. If you are creating a new account it will not be visible. This button deletes all cached messages and their metadata. This is useful to free space on the device or should the message cache become corrupted. After clearing the cache, the next time you view the account, the messages will be re-downloaded from the server.

  • Delete Account button

    This button is only available when editing a defined account. If you are creating a new account it will not be visible. This button deletes all cached data and metadata for this account and removes the account from the application.

6. Other Settings Screen

This screen provides miscellaneous settings as follows:

  • Password timeout: This is the time in minutes for which the decryption password (either SMIME or GPG) will be stored and reused once it is entered by the user. 0 indicates that the user will be prompted for the password every time it is needed. -1 indicates that the password will be remembered for as long as the application is running.
  • Zip Attachments: This option defines how attachments should be bundled when sending e-mail messages. Off means that each attachment will be sent separately. Ask means that the application will ask every time a message is sent and it contains attachments whether to zip the attachments. On means that all attachments should automatically be zipped. When zipping attachments, they will be zipped in a file called attachments.zip.
  • Default Encryption: This option specifies what the default encryption option should be whenever a new message is composed. The default value is GPG encryption.
  • Verify Application Password: This option provides for a security feature which is available with the iSecureMail application. When the application password is enabled, the application will present a password screen when initially launched which will ask the user for the application password.
  • Application Password: This option allows for modifying the application password.

7. SMIME/GPG Key Management

Encryption key management is accomplished with 4 items on the settings screen.

Public keys: On this screen you can manage your public keys.

To import keys, using tap and hold, copy a key file in either message view or file organizer. Then tap and hold the view area and select paste from the pop up menu.

To export keys tap and hold the view area and a pop up will display that has the Copy and Copy All options. Copy copies only the key that you tapped and Copy All copies all your keys to the pasteboard. You can then open file organizer and paste the copied keys there. Copy All is available for GPG keys only.

To delete keys, tap the trash icon at the bottom right hand corner of the screen. You can then tap the red stop sign and confirm delete to delete a single key, or tap the Delete All button in the bottom left corner of the screen to delete all keys. Tap Done when you are done deleting keys.

To open file organizer, tap the organizer icon on the bottom left hand side of the screen.

Secret keys: You can manipulate the secret keys in an identical fashion to the public keys, except that you need to open the Secret key screen via Settings > Secret Keys under the respective key management group.

Key Rules: Key rules map an e-mail address to an encryption key. If there is no key rule and no encryption key is specified via the bracket notation, then by default the encryption key used when you send an encrypted message is the recipient's e-mail address. With GPG encryption, an encryption key is not necessarily tied to an e-mail address. When this is the case, you can redefine the default key via the key rules screen. For example, if you want to use GPG key "john" for jsmith@abc.com, you would create a rule that maps jsmith@abc.com to john via the key rules screen. With SMIME encryption a key is always identified by an e-mail address. If you create a rule that maps the key with address A@abc.com to B@abc.com, your e-mail will encrypt and send OK, but most clients won't be able to decrypt the e-mail properly. Therefore key rules have limited use with SMIME encryption. They are useful for selecting which key will be used in cases where one has multiple SMIME keys for the same e-mail address.

Remove Keys: This option removes all keys in the respective encryption group. It is useful should the key rings become corrupt.

8. Inbox Screen

The Inbox screen displays all emails downloaded from the email account. The Inbox screen contains the File Organizer access button at the top of the screen, and the Check Mail and Compose functions as well as the Status bar at the bottom of the screen.

  • Mailboxes
    Tap "Mailboxes" to display the Mailbox screen. This is where users switch between the different e-mail accounts they have configured.

  • File Organizer
    Tap "Organizer" to bring up the file organizer.

  • Check Mail

    Tap "Check Mail Arrow" to connect to the email server and download any new emails.

  • Compose

    Tap the pencil icon at the bottom right of the screen to compose a new e-mail message.

  • Status bar

    The Status bar provides information about the last time the Inbox was updated. If the user checks email and there are no new emails, the status bar will update to show the last time email was checked but no new messages will be present in the message list.

9. Message View Screen

The Message view screen displays when the user opens an email for viewing. On this screen, one can view any one particular message as well as delete the currently viewed message, reply or forward it to other users or compose a new message.

International text in messages: In order to read messages sent in alphabets other than the Latin alphabet, please make sure that the encoding of the messages is UTF-8. There are many encodings and it would be difficult for iSecureMail to support all of them. UTF-8 is a universal encoding that supports all alphabets and should be supported by virtually all current e-mail clients. The encoding of a message is determined by the software that the sender is using, so if a message is not readable, please ask the sender to configure their software to send all messages using UTF-8 encoding and resend the message.

  • E-mail account button on the navigation bar

    Tap the e-mail account button to return to the inbox screen for that account.

  • Organizer button

    Brings up organizer screen which helps keep attachments organized. If there is an attachment in the message being viewed, users can tap and hold it to Copy it into the pasteboard. Then users can Paste the copied attachment into the file organizer.

  • Trash Can

    Tap the "Trashcan" button to delete the email and return to the Inbox.

  • Reply/Forward

    Tap the arrow button to the right of the Trash Can button to reply to or forward the message being viewed.

  • Compose

    Tap the pencil icon at the bottom right of the screen to compose a new e-mail message.

  • Signature (available for SMIME encrypted messages only)

    When viewing an SMIME encrypted email, if the subject line contains a green checkmark, this signifies that the email has been digitally signed and encrypted. The signature may or may not be valid.

  • To: and cc: fields

    You can hide and unhide the To: and cc: fields by selecting the triangle next to the To: field. To view all To: and cc: values click the To: and cc: field.

10. Compose Screen

The compose screen allows for composing e-mail messages and then sending them. It displays when the pencil button is tapped on the Mailboxes, Inbox, or Message View screens or when one of the reply buttons is tapped on the Message view screen.

In the To: field you can enter a list of email addresses which will be the To recipients of the e-mail message. To select a recipient from the phone's address book, you can press the '+' button. The '+' button is visible when an address field (To, CC, or BCC) has the input focus and the field is empty. Once you finish entering an e-mail address, tap the return button. This will create a new address field of the same type and you can enter the next e-mail address. When you are finished entering the e-mail addresses, tap the return button on an empty line to move to the next logical field (e.g. Subject).

To display the Cc/Bcc address fields, tap the From line. You can then enter the Cc and Bcc recipients in the same way as you enter the To recipients.

To select the encryption option, tap the Encryption line on the screen. You can specify a default encryption for all your messages on the Settings > Other settings page. If you are using GPG encryption and you want to encrypt with a key that is different than the recipient e-mail address but you have not defined a key rule, you can manually type the key identifier in brackets following the e-mail address in the e-mail address field, e.g. jsmith@abc.com [john].
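Added example (not iSecureMail's own code): a sketch of the key selection described here and under Key Rules, showing how a recipient entry resolves to an encryption key and when an SMIME mapping is likely to be undecryptable by the recipient. The names select_key and Selection are hypothetical, and two points are assumptions because the manual does not state them: a bracketed key takes precedence over a key rule, and e-mail addresses are compared case-insensitively.

```python
import re
from dataclasses import dataclass

# Recipient entry as typed in an address field, e.g. "jsmith@abc.com [john]".
_ENTRY = re.compile(
    r"^\s*(?P<addr>[^\s\[\]]+@[^\s\[\]]+)\s*(?:\[(?P<key>[^\[\]]+)\])?\s*$"
)


@dataclass
class Selection:
    address: str       # where the message is delivered
    key_id: str        # key identifier used for encryption
    source: str        # "bracket", "rule" or "default"
    warning: str = ""  # non-empty when the recipient may be unable to decrypt


def select_key(entry, rules, scheme="GPG"):
    """Resolve one recipient entry to an encryption key.

    Order used here: bracket notation, then key rule, then the
    recipient's own address. Bracket-before-rule is an assumption.
    """
    m = _ENTRY.match(entry)
    if m is None:
        raise ValueError(f"not a recipient entry: {entry!r}")
    addr = m.group("addr")
    bracket = m.group("key")

    # Assumption: rule lookup ignores case in the address.
    lookup = {a.lower(): k for a, k in rules.items()}

    if bracket:
        key_id, source = bracket.strip(), "bracket"
    elif addr.lower() in lookup:
        key_id, source = lookup[addr.lower()], "rule"
    else:
        key_id, source = addr, "default"

    warning = ""
    # An SMIME key is always identified by an e-mail address, so a key that
    # belongs to a different address encrypts and sends but most clients
    # will not decrypt it.
    if scheme == "SMIME" and key_id.lower() != addr.lower():
        warning = (
            f"SMIME key {key_id!r} does not match recipient {addr!r}; "
            "most clients will not be able to decrypt this message"
        )
    return Selection(addr, key_id, source, warning)


if __name__ == "__main__":
    # Constructed sample rules and entries, using the manual's own examples.
    gpg_rules = {"jsmith@abc.com": "john"}
    smime_rules = {"B@abc.com": "A@abc.com"}
    for entry, rules, scheme in [
        ("jsmith@abc.com", gpg_rules, "GPG"),
        ("mary@abc.com [mkey]", gpg_rules, "GPG"),
        ("mary@abc.com", gpg_rules, "GPG"),
        ("B@abc.com", smime_rules, "SMIME"),
    ]:
        print(select_key(entry, rules, scheme))
```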

To attach files, tap the attachment button which is available to the left of the Subject line. Once you tap attach, iSecureMail will present the file organizer where you can select a file to attach to your e-mail message.

To send a message, tap Send in the navigation bar.

To cancel a message and return to the previous screen, tap Cancel. No drafts folder is provided, so once you confirm the cancel operation, you will lose everything that you typed.

11. File Organizer Screen

This screen allows for organizing attachments. It provides simple file management, which the native e-mail application lacks. You can view, delete, and rename files. You can also create a directory structure and get information about a file including its size.

The file organizer has 3 modes of operation: view mode, edit mode, and selection mode. View mode is displayed when the file organizer is invoked from a screen other than the Compose screen. Edit mode is available when the edit button is tapped once the file organizer is displayed in view or selection mode. Selection mode is displayed when the file organizer is invoked from the Compose screen in order to attach a file.

You populate the file organizer by copying attachments on the message view screen and pasting them into the file organizer. Once you have a few files in your file organizer, you can manipulate them similarly to how you would in a file browser.

In general when using the file organizer, you start by tapping the item you want to manipulate. This will highlight the item. Once you have a highlighted item, you tap a second button or the item itself to invoke an action on the item. Tapping the info button on a selected item brings up the property page for this item.

To paste an item you tap and hold on the file organizer. Provided that you have an item that you have copied into the pasteboard, tapping and holding will display a pop up menu which allows you to Paste the item. If you tap and hold on an item that is already in the file organizer, you will also get an option to copy the item that you tapped into the pasteboard.

The difference between view and compose mode amounts to what happens when you tap an already highlighted item (i.e. when you double tap an item). In compose mode, the second tap selects the item and you are returned to the previous (Compose) screen where the item is now attached to your message. In view mode, the second tap displays the content of the highlighted file.

You can display file information or decrypt GPG encrypted files. To display file information, tap the file name once to highlight it and then tap the info button. To decrypt a GPG encrypted file, tap the file name once to highlight it and then tap the unlock button.

In Edit mode, you can delete files, create new folders, display file information and rename a file. To delete a file, press the stop sign icon and then the Delete button to confirm the delete. To create a new folder, tap the new folder button located in the left hand corner at the bottom of the screen. To display file information, first highlight the file and then press the info button which is available to the right of the new folder button. To rename a file, either double tap its name or single tap and then press the pencil button available to the right of the info button. When you are done editing and you want to return to the mode that the file organizer was originally displayed in (either view or compose), tap the Done button available in the bottom right corner of the screen.

12. File view screen

This screen shows the content of a given file. It is limited to what the iPhone can readily render natively. Supported file formats include most image formats and PDFs.

To return to the screen that invoked this screen, press the Back button at the top left corner of the screen.

13. How to set up iSecureMail app

To use iSecureMail, the following steps must be completed:

  • Obtain and configure in Settings a POP3, IMAP4, or Exchange Web Services email account.

To use SMIME encryption:

  • Obtain an S/MIME email certificate.

    This certificate will be used to digitally sign emails and to provide the private and public keys used for encrypting emails.

  • Export S/MIME email certificate

    Export your email certificate to a .p12 or .pfx file. Be sure to remember your password. Microsoft provides a good explanation of the process for exporting certificates.

To use GPG encryption:

  • Install GPG add-on application.

  • Import your private keys in order to be able to decrypt messages sent to you. A good way to securely import a private key is to set up SMIME encryption and then e-mail your secret key ring to your e-mail account using SMIME encryption.

  • Import public keys in order to be able to send messages to other users.

14. FAQ

The following Frequently Asked Questions (FAQ) are provided:

15. Copyright

©2011 Oceans' Edge Inc. All rights reserved.

Third Party Libraries

  • libEtPan! License

    http://sourceforge.net/projects/libetpan

    Copyright (C) 2001, 2005 - DINH Viet Hoa

    All rights reserved.

    Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

    1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.

    2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

    3. Neither the name of the libEtPan! project nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission.

    THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
