4 add-ons to improve your privacy on Thunderbird

Thunderbird is a popular free email client developed by Mozilla. Similar to Firefox, Thunderbird offers a large choice of add-ons for extra features and customization. This article focuses on four add-ons to improve your privacy.


Encrypting emails using GPG (GNU Privacy Guard) is the best way to keep their contents private. If you aren’t familiar with GPG, check out our primer right here on the Magazine.

Enigmail is the go-to add-on for using OpenPGP with Thunderbird. Indeed, Enigmail integrates well with Thunderbird, and lets you encrypt, decrypt, and digitally sign and verify emails.


Paranoia gives you access to critical information about your incoming emails. An emoticon shows the encryption state between servers an email traveled through before reaching your inbox.

A yellow, happy emoticon tells you all connections were encrypted. A blue, sad emoticon means one connection was not encrypted. Finally, a red, scared emoticon shows on more than one connection the message wasn’t encrypted.

More details about these connections are available, so you can check which servers were used to deliver the email.

Sensitivity Header

Sensitivity Header is a simple add-on that lets you select the privacy level of an outgoing email. Using the option menu, you can select a sensitivity: Normal, Personal, Private and Confidential.

Adding this header doesn’t add extra security to email. However, some email clients or mail transport/user agents (MTA/MUA) can use this header to process the message differently based on the sensitivity.

Note that this add-on is marked as experimental by its developers.


If you’re really concerned about your privacy, TorBirdy is the add-on for you. It configures Thunderbird to use the Tor network.

TorBirdy offers less privacy on email accounts that have been used without Tor before, as noted in the documentation.

Please bear in mind that email accounts that have been used without Tor before offer less privacy/anonymity/weaker pseudonyms than email accounts that have always been accessed with Tor. But nevertheless, TorBirdy is still useful for existing accounts or real-name email addresses. For example, if you are looking for location anonymity — you travel a lot and don’t want to disclose all your locations by sending emails — TorBirdy works wonderfully!

Note that to use this add-on, you must have Tor installed on your system.

Photo by Braydon Anderson on Unsplash.

Using Software


  1. Many of these add-ons are legacy extensions and don’t work in Thunderbird 60.

    • @Daniel, I used the version of Thunderbird available in Fedora 28 (52.8.0) as a target while writing this article.

      Also I believe that Thunderbird 60 is still in beta release.

  2. Brian Vaughan

    I’ve seen it suggested that, since you can’t encrypt email headers, there’s nothing special about encrypting the body of an email, so for most purposes, it’s easier to just encrypt a file and add it as an attachment.

    • Your source is correct, and that is what GPG mail is: a standard for encrypting a file and adding it as an attachment with a corresponding mime-type. Enigmail makes the process more convenient, doing it all within thunderbird. Plus, how many people know how to set the mime-type of attached files?

Comments are Closed

The opinions expressed on this website are those of each author, not of the author's employer or of Red Hat. Fedora Magazine aspires to publish all content under a Creative Commons license but may not be able to do so in all cases. You are responsible for ensuring that you have the necessary permission to reuse any work on this site. The Fedora logo is a trademark of Red Hat, Inc. Terms and Conditions