GnuPG is the underlying encryption engine. Enigmail is a UI to help integrate it into Thunderbird. I have encountered users who manage to use gpg (etc) without Enigmail, but I suspect they are the kind of "advanced user" who do a lot of their work via a command terminal.

The standard way to go about this is to install both and I recommend you do so.

I should warn you that gpg is a minority interest system and you may be hard pressed to find correspondents able or willing to use it. You may find that the alternative, S/MIME, is more widely accepted. Support for this is built into Thunderbird and you don't need to use any add-ons. The tricky bit is getting a key pair and installing them into Thunderbird. Keys are generally offered for installation into your browser, then you export them and import them into Thunderbird.

I use free keys from Comodo for S/MIME.

Thanks Zenos, that is a very detailed and helpful reply. I will keep it in mind.

i am considering getting a Startmail a/c, and was reading their notes re encryption, hence my enquiry. Startmail do offer webmail encryption, though browser/webmail is not considered a secure environment, with javascript problems etc. i wonder will the new Firefox "MultiAccount Containers" help to isolate and secure the webmail connection.

Goodness gracious!! While looking for more info on email issues I found:

In the News section of BestVPN, an article by Douglas Crawford says "Security researchers, backed up the EFF, have issued a warning over PGP and S/MIME encryption. You should stop using these standards to secure your emails immediately."

I haven't installed GPG myself, but others may wish to go to the Electronic Frontier Foundation's website where (Crawford says) more info can be read. I guess the EFF are a trusted source.

Anyway, everyday email is said to be not very secure really, but "secure email" would be useful for sending commercially confidential files, client info etc., if it were secure. Let's hope the GPG etc. vulnerability can be fixed.