Try this site.

http://www.gnupg.org/



I couldn't tell you step by step how to do it, but the site has a HOWTO, Manuals, Guides, and FAQ's to walk you through it.



It is a public key standard, meaning you send out the public key, and when someone wants to encrypt a message to you, the public key will do so, and only your private key can unencrypt it. It can also work the other way, but the other person would send you the public key which you would use to encrypt a message sent to them.

If you want to be absolutely sure your encryption cannot be broken, email encryption can be painful.



1. Use S/MIME. You'll need an S/MIME capable email client like Outlook Express, same with your email recipient(s). You generate or purchase personal SSL certificates and exchange public keys. You would encrypt the email with your recipient's public key, and they would decrypt with their private key.

2. Use PGP. This encrypts attachments or text. You then attach them to emails. Similar process as #1, you still need to generate PGP key pairs then exchange public keys with your recipient.



You can see why this is so unpopular...



An easier but less secure solution is to use WinZip to zip your file(s) then protecting it with a password, meaning it gets encrypted. You then communicate the password to the recipient (not in the email itself... maybe phone or text message) so they can open up the zip file. Note a hacker could potentially get a hold of the zip file and proceed to use a dictionary attack... basically they can try every possible password and eventually crack it, but it's not likely this will happen. Still it's painful because you need a second non-email form of communicate to give them the password.



The last solution is a professional email encryption service. My company sells email encryption software for enterprises, but not so much for single users. You can try out some free offerings here: http://www.brighthub.com/computing/smb-security/articles/38933.aspx

Another email encryption option is Voltage SecureMail.



Voltage SecureMail can easily send encrypted email to anyone.



Voltage SecureMail has Outlook plug-ins or you can use a web interface for sending encrypted email. Messages are completely controlled by the sender and recipient in their sent folder and inbox. No messages are stored on servers.



Recipients don't need any special software to decrypt and read their messages, just a browser. And recipients don't need to pay to read their email. In fact, they even get free support from Voltage. It's much easier to use than PGP, S/MIME or other older solutions...and just as secure...which is probably why they can afford to offer free support to their customers and recipients...unlike those other solutions.



It's an ideal solution to help address state privacy regulations in Massachusetts and Nevada as well as the more general HIPAA, SOX, PCI requirements, etc.



There is more information and a free trial at: http://www.voltage.com/vsn

If you want to encrypt file attachements - use file encryption software.

If you want to encrypt text messages - use text scrambling software.



If you want to encrypt whole mail and the recipient has PGP - use PGP.