Before reading ahead I must stress that the solution I advocate is that BOTH parties in a transaction use GPG.This solution guarantees one-way encrypted communication with a vendor and nothing else. It assumes a buyer who, for whatever reason, can't or won't use GPG or PGP. For two-way encrypted communication both parties must be using GPG or PGP.REQUIREMENTS1) Vendor with a working installation of GPG or PGP.2) Vendor with a working Tor Mail account or other anonymous/pseudonymous email account.Note: The PrivacyBox service supports S/MIME and unencrypted forwarding or email retrieval. I do NOT recommend any of these options. Buyers wishing to contact a vendor through PrivacyBox should confirm that the vendor does have a PGP key on their vendor page.INSTRUCTIONSStep OneGo to the PrivacyBox Tor page: http://c4wcxidkfhvmzhw6.onion/index.en.htmlNote: PrivacyBox is maintained by the German Privacy Foundation and is available in German, French, Russian and Portuguese.Then click on "Create account" link.Step TwoEnter your Tor Mail or other email drop address and click the "next step" button.Step ThreeEnter a username (ideally one that matches or closely matches your SR username).Enter a suitably complex password.Step FourYou should be taken to the admin page, if not then login with the details you just set to get to the admin page.You will see the URLs your PrivacyBox forwarding server can be accessed. One of these is a Tor address. Make a note of this for your vendor page or future communication with a buyer.Step FiveIn the "forward of incoming messages" section select the "forward to an externam mail account" and enter your Tor Mail address (remember it is now @tormail.org and not @tormail.net).Note: if you are using an I2P address there is a special forwarding option below with specific instruction relevant to it.Step SixBelow the "encryption of incoming messages" section is an area to "Upload your public OpenPGP key or S/MIME certificate" with a file selection tool. Browse to the file for your public key (the same one which should be on your vendor page) and upload it.Step SevenIn the "encryption of incoming messages" section select the "OpenPGP encryption" and tick the "enable Javascript OpenPGP encryption for the client web browser" box.Then copy the OpenPGP key ID (e.g. 0x1234ABCD) for your key into the box.Note: enabling the Javascript option only reveals your public key to the person using the form, so it should only identify the information already available in the key on your vendor page. This option allows buyers using Javascript to encrypt the message at their end, otherwise the encryption will take place on the PrivacyBox server. Users who do not have Javascript activated will have their messages ecrypted on the PrivacyBox server.Step EightClick "check and update settings" and then logout. You will receive a test message from PrivacyBox encrypted to the key you uploaded to your specified email address.This is how all email sent through this form will appear so it is important to stress to buyers that they must include their SR username or other identifying code in the form or you won't know who the message is coming from.Note: the PrivacyBox encrypted forwarding is normally used by privacy advocates, journalists and human rights groups to enable the delivery of anonymous and encrypted messages from whistleblowers and the like, as such all messages sent through the form have no identifying information.Step NineVisit the Tor address you noted in Step Four so you know what your buyers will see and have a little play with it.Remember, there were four addresses: 2 HTTPS URLs (one normal and one for mobile devices), a Tor address and an I2P address. So if your PrivacyBox username is known you can be contacted anonymously from the clearnet and I2P.