Penn Computing

Penn Computing

Computing Menu Computing A-Z
Computing Home Information Systems & Computing Penn


Tuesday, March 20, 2018

  New Resources
Security Logging Service
Travel Tips for Data Security
Free Security/Privacy Training Resources
Two-step verification
Combating Malware
Phishing Archive
Cloud Computing and Data Outsourcing
Best Practices for Applications with Confidential University Data
  Security "Greatest Hits"
Managing Passwords
E-mail Harassment & Forgery
Hoaxes, frauds & scams
Wireless Networking
  Best Practices
Secure desktop computing
Secure servers
Secure data deletion
Securing printers
Tips for safe computing
Computing policies
  More in-depth information for
Local support providers
System administrators
  Security initiatives
Critical Component compliance
Authentication & authorization
Penn Security & Privacy Assessment (SPIA)
Security Liaisons (Restricted Access)
Secure Share
Secure Space
Vulnerability Scanner
  Related links
Electronic privacy
Worms, trojans, backdoors

Using Outlook with PGP


  1. Install PGP Desktop Email
  2. ; a 30-day trial is also available: NOTE: Administrative privileges will be required.
  3. Create keypair when prompted, unless you already have one. If you already have public and/or private keys, you should import them after PGP is installed - attempts to use existing keys during initial PGP configuration failed during testing.


  1. If you already have private and public keys from a separate installation of GPG or PGP:
    1. Export private and public keys from previous GPG/PGP installation.
    2. In your new PGP Desktop installation, click on PGP (the padlock icon) in the System Tray and select Open PGP Desktop.
    3. Click PGP Keys in the left-hand columnn, then File -> Import.
    4. Select the file to which your private key was exported.
    5. Select the private key(s) you wish to import, then click Import.
    6. Repeat the import process for your public keys.
  2. Open Outlook and send a message to your Exchange account. PGP will open a window for you to confirm that you wish to have it auto-configure for your email account. If Outlook appears to be hanging, the most likely cause is that this PGP window is open and waiting for your confirmation.
  3. From System Tray, open PGP Desktop.
  4. Under PGP Messaging, select your email address.
  5. In the Security Policies section, select Edit Policies.
  6. Select the last one (Opportunistic Encryption), then select Edit Policy...
  7. Change the dropdown list from "if any" to if none to disable the policy; click OK.
  8. With Opportunistic Encryption selected, click Duplicate Policy... and then Edit Policy....
  9. Change Policy as follows:
    • Description: Sign by Default
    • "If none" -> "If any"
    • Remove "Encrypt" as the action to perform on the message, leaving just "Sign."
    • Click OK.
  10. Move order of policies to this:
    1. Require Encryption
    2. Mailing List Admin Requests
    3. Mailing List Submissions
    4. Sign by Default
    5. Opportunistic Encryption
  11. Click Done.
  12. Exit PGP Desktop (if desired).


  • All messages will be PGP-signed (assuming PGP is configured as described above).
  • To encrypt a message:
    • put [PGP] in the subject; or
    • set Message Sensitivity to confidential.
  • To populate your keys with frequent correspondents (to verify their signatures and encrypt messages to them):
    • In PGP Desktop in the left-hand column under PGP Keys click Search for Keys
    • Search for the desired email address; and
    • Right-click the key, and select Add To -> All Keys.


  • PGP Desktop Email supports Outlook 2007 SP1 and Outlook 2003 SP3.
  • Testing was done in March 2009 with PGP Desktop 9.9 and Outlook 2007 SP1 on Windows XP SP2 and SP3.

Last updated: Thursday, March 19, 2009

Information Systems and Computing
University of Pennsylvania
Comments & Questions

Penn Computing University of Pennsylvania
Information Systems and Computing, University of Pennsylvania