The PGP Forwarding Server is a server that receives e-mail on behalf of a user, encrypt it automatically and sent it off the users' real e-mail account.
Here is a little illustration:The PGP Forwarding Server has a somewhat simplistic view of the world. We have basically a part of the world where things can be transferred in plain text. And we have a part of the world there things must be encrypted.
It is up to you to decide how big those parts are. Maybe the "Insecure world" is the whole internet. Or just people living in some undemocratic country. Maybe the "Free World" is the whole internet or just the people working in your local network?
We don't care. Just keep in mind that the working axiom is that there we don't can encrypt the e-mail whole traffic, so we care at least about this traffic where we have incluence.
Now, the question is, why can't we encrypt e-mail traffic completely? Because of real world constraints. Just to name a few:
You have relatives. Does your nice Aunt Ann know how to use PGP?
You have a business partners. Now, what's with the sales person over there? Do they know how to use PGP?
However, if you are the boss of an enterprise you could train your exterior sales clarks on how to use PGP. And you can install the PGP Forwarding Server in your company and then everything in your country would be able to safely communicate with your travelling salesmen. Your accountant, your secretary, your tech department, and of course yourself.
So you see, by investing effort at the right place you will benefit from a great leverage effect all over your organisation.
No matter how big those areas are, a user of the PGP Forwarding Server needs to communicate via safe channels with the server. This is currently done by either PGP or SSH.
Receiving via PGP: basically an outsider sends something to an user account on the server, the server encrypts the message and sends it over to the user.
Sending via PGP: a user can may also want to send encrypted mail. However, most people in the internet won't have PGP keys, so the user encrypts the message with the public key of the PGP Forwarding Server and sends the e-mail to the command interface over there, using the "to" command. The server decrypts the message and sends it over in plain text to Aunt Ann.
Receiving via SSH: one just configures his account so that the server doesn't forward incoming messages, but place them instead into a POP3-mailbox. Then one connects via SSH and uses his very normal e-mail program to exchange e-mail.
Sending via SSH: again, you connect to the server via SSH. And again, one uses any e-mail program that can use SMTP to send e-mail normally.
When a user sends a message throught the server the server translates the real address of the user.
If this would not happen, then Aunt Mary would accidentally send plain text to the user.
