Digital Tradecraft For Email

Good digital tradecraft for E-Mail

Good tradecraft for protecting email communication does exists:

1. Protect email content through message encryption, like GnuPG
2. Do not rely on third party storage of emails. Download emails and delete them from the email server.
3. Store email and other information (such as browser data) securely using Full Disk Encryption like
   TrueCrypt or VeraCrypt.
4. Points 1-3 also mean that one shall not use webmail services.
5. Select an email provider that is privacy conscious: Removing identifying header information
   from emails and protecting whois/domain-data or being registered in a jurisdiction other than your own. 6. Use encryption to communicate with the email provider: Insist on TLS/SSL encrypted access to their
   SMTP (outgoing) or POP3/IMAP4 (incoming) servers.
6. Only access the Internet with anonymization methods enabled that conceal your true IP-Address from
   third parties, like Tor /Multi-Hop VPNs/ JAP .
7. Do not draw unneeded attention towards yourself by harassing people needlessly.

Remember PGP is not forward secure and if your threat model includes the NSA then never use PGP , Use
OPMSG with your mail client . It will hide your metadata too.