PGP signed messages and MS Outlook
Hi, a couple of days ago, people using MS Outlook started complaing that my messages looked "strange". I asked for an example and received this: > > Subject: Re: Finanzierung > > > > MIME-Version: 1.0 > > Content-Type: multipart/signed; micalg=pgp-sha512; > > protocol="application/pgp-signature"; boundary="Zd5+bFLIq/fPSfy5" > > > > --Zd5+bFLIq/fPSfy5 > > Content-Type: text/plain; charset=utf-8 > > Content-Disposition: inline > > Content-Transfer-Encoding: quoted-printable > > > > Lieber x, > > > > vielen Dank. Wenn wir die Parallelit=C3=A4t ... The headers below the Subject header are visible to the recipient, and the quoted-printable content is not unquoted by the client. The message in question is PGP signed and properly displayed in mutt (of course) and Apple Mail. The source of the message (as received via MS Exchange) looks like this: > Subject: Re: Finanzierung > Message-ID: > References: > > Content-Type: multipart/signed; micalg=pgp-sha512; > protocol="application/pgp-signature"; boundary="Zd5+bFLIq/fPSfy5" > Content-Disposition: inline > In-Reply-To: > Return-Path: my.addr...@hs-duesseldorf.de > X-MS-Exchange-Organization-Network-Message-Id: > eededcf1-f439-486e-1257-08dad6c4c55a > X-MS-Exchange-Organization-AuthSource: zvexch6.IT.lan > X-MS-Exchange-Organization-AuthAs: Internal > X-MS-Exchange-Organization-AuthMechanism: 07 > X-Originating-IP: [10.5.7.121] > X-ClientProxiedBy: zvexch6.IT.lan (10.5.7.76) To zvexch6.IT.lan (10.5.7.76) > X-MS-Exchange-Organization-AVStamp-Enterprise: 1.0 > X-MS-Exchange-Organization-Recipient-P2-Type: Bcc > X-MS-Exchange-Transport-EndToEndLatency: 00:00:00.3281613 > X-MS-Exchange-Processed-By-BccFoldering: 15.01.2507.016 > MIME-Version: 1.0 > X-TUID: pVjn50NSefgW > > --Zd5+bFLIq/fPSfy5 > Content-Type: text/plain; charset=utf-8 > Content-Disposition: inline > Content-Transfer-Encoding: quoted-printable > > Lieber , > > vielen Dank. Wenn wir die Parallelit=C3=A4t ... The issue only occurs with signed messages – sending the very same (plain text) message without the signature works fine for Outlook-using recipients. I have signed my messages for several months now, without any negative feedback – is anyone aware of recent changes in Outlook which might have caused this? - Jan signature.asc Description: PGP signature
Re: pgp Sign as: config
On Mon, Apr 11, 2022 at 08:49:35PM +0200, Orm Finnendahl wrote: Am Montag, den 11. April 2022 um 10:33:57 Uhr (-0700) schrieb Kevin J. McCarthy: That's the part that makes no sense to me. Simply unsetting and resetting "sign" will just display the value of $pgp_sign_as. Did something else happen in your workflow? It's getting clearer thanks to your explanations: I was unaware of the difference of s/mime and pgp signing. The mail, I replied to was signed with s/mime, so replying to it set signing to (S/MIME). When unsetting and resetting it in my reply it gets set to (PGP/MIME), the key is set correctly and it works. It's not even possible to select s/(m)ime when selecting the encryption type manually even though it's displayed in the selection menu. Oh good, that explains what's happening! If you don't have S/MIME configured, you may want to add 'unset crypt_autosmime' to your .muttrc. I believe that will take care of the problem. -- Kevin J. McCarthy GPG Fingerprint: 8975 A9B3 3AA3 7910 385C 5308 ADEF 7684 8031 6BDA signature.asc Description: PGP signature
Re: pgp Sign as: config
Hi Kevin, Am Montag, den 11. April 2022 um 10:33:57 Uhr (-0700) schrieb Kevin J. McCarthy: > > That's the part that makes no sense to me. Simply unsetting and > resetting "sign" will just display the value of $pgp_sign_as. Did > something else happen in your workflow? It's getting clearer thanks to your explanations: I was unaware of the difference of s/mime and pgp signing. The mail, I replied to was signed with s/mime, so replying to it set signing to (S/MIME). When unsetting and resetting it in my reply it gets set to (PGP/MIME), the key is set correctly and it works. It's not even possible to select s/(m)ime when selecting the encryption type manually even though it's displayed in the selection menu. Setting the smime_default_key to my Hex number in .muttrc results in the error, that a key of this hex number isn't found. I probably should either disable s/mime encryption altogether in a way that it doesn't even get chosen automatically when replying to a s/mime signed mail or set up s/mime encryption correctly, but at least now I know why it's failing. > > Also, what version of Mutt are you using? Mutt 2.2.2 (aa28abe8) (2022-03-25) on Arch Linux. -- Orm signature.asc Description: PGP signature
Re: pgp Sign as: config
Hi, Am Montag, den 11. April 2022 um 12:38:59 Uhr (-0400) schrieb José María Mateos: > I have my GPG options here: > > $ cat .gnupg/gpg.conf > default-key 263080EC > encrypt-to 263080EC Unfortunately this didn't work here (even after restart). I get the same error in mutt. -- Orm
Re: pgp Sign as: config
On Mon, Apr 11, 2022 at 06:09:01PM +0200, Orm Finnendahl wrote: when replying to a signed Email, my response Mail is automatically set to be signed by me. Are you doing that via $crypt_replysign or via some other method? Are you replying to a PGP-signed message to an S/MIME message? The behavior you are describing below is not normal, so I suspect something more is going on. The pgp line concerning my key says "sign as: " The compose menu will display this when $pgp_sign_as is unset. In that case, Mutt will use the value in $pgp_default_key, or what is configured in your gpg.conf. If neither of those are set, then I'm guessing this is the error returned by GPGME when it tries to sign with no key defined. Unsetting and then resetting Security to "sign" results in the line "sign as: 0xA1XX" with the value of my Hex pgp Key configured in my .muttrc as "set pgp_sign_as = 0xA1XXX" and everything works as expected. That's the part that makes no sense to me. Simply unsetting and resetting "sign" will just display the value of $pgp_sign_as. Did something else happen in your workflow? Also, what version of Mutt are you using? -- Kevin J. McCarthy GPG Fingerprint: 8975 A9B3 3AA3 7910 385C 5308 ADEF 7684 8031 6BDA signature.asc Description: PGP signature
Re: pgp Sign as: config
On Mon, Apr 11, 2022 at 06:09:01PM +0200, Orm Finnendahl wrote: How do I set the "" value that it uses my HexKey? I have my GPG options here: $ cat .gnupg/gpg.conf default-key 263080EC encrypt-to 263080EC There I declare what's my default key and I also tell it to always encrypt to me too if I send something encrypted. While checking my config I've seen that I'm also defining the key to use in .muttrc: set pgp_sign_as = 263080EC Hope this helps, -- José María (Chema) Mateos || https://rinzewind.org
pgp Sign as: config
Hi, when replying to a signed Email, my response Mail is automatically set to be signed by me. The pgp line concerning my key says "sign as: " which result in the following error when sending: "error signing data: General error?" Unsetting and then resetting Security to "sign" results in the line "sign as: 0xA1XX" with the value of my Hex pgp Key configured in my .muttrc as "set pgp_sign_as = 0xA1XXX" and everything works as expected. How do I set the "" value that it uses my HexKey? Best, Orm -- Prof. Orm Finnendahl Komposition Hochschule für Musik und Darstellende Kunst Eschersheimer Landstr. 29-39 60322 Frankfurt am Main https://www.youtube.com/watch?v=2rWha1HTfFE=PLiGfneJSWmNw6dTUvcTHbTkCYOOTiB_N6
Re: Issue with PGP verification
On Thu Jul 16, 2020 09:07PM, Francesco Ariis wrote: > Il 16 luglio 2020 alle 14:58 Trey Sizemore ha scritto: > > Thanks Francesco. Still not able to verify some keys though. > > Can you do that manually with GPG and see if it takes a long time > on the command line too? It's not so much the time now as certain (recent) keys not being verifiable. But if the keyserver is working as it should, not sure what the problem is. -- Cheers, Trey In answer to the question of why it happened, I offer the modest proposal that our Universe is simply one of those things which happen from time to time. --Edward P. Tryon Darwin macbook 19.5.0 x86_64 16:10 up 3 days, 7:02, 3 users, load averages: 2.15 3.05 2.95
Re: Issue with PGP verification
Il 16 luglio 2020 alle 14:58 Trey Sizemore ha scritto: > Thanks Francesco. Still not able to verify some keys though. Can you do that manually with GPG and see if it takes a long time on the command line too?
Re: Issue with PGP verification
On Thu Jul 16, 2020 06:24PM, Francesco Ariis wrote: > Hello Trey, > > Il 16 luglio 2020 alle 10:56 Trey Sizemore ha scritto: > > Do I need to change the server(s) in my gpg.conf file and/or the method > > by which the key is attempting to be retreived? > > I do not use `auto-key-retrieve` myself, but I know for sure pgp.mit.edu > has been a little choosy lately. Maybe to put another serve in > `keyserver`? I use «pool.sks-keyservers.net» and it works nice > —F Thanks Francesco. Still not able to verify some keys though. -- Cheers, Trey If there is a sin against life, it consists perhaps not so much in despairing of life as in hoping for another life and in eluding the implacable grandeur of this life. --Albert Camus Darwin macbook 19.5.0 x86_64 14:57 up 3 days, 5:49, 3 users, load averages: 2.30 2.22 2.83
Re: Issue with PGP verification
Hello Trey, Il 16 luglio 2020 alle 10:56 Trey Sizemore ha scritto: > Do I need to change the server(s) in my gpg.conf file and/or the method > by which the key is attempting to be retreived? I do not use `auto-key-retrieve` myself, but I know for sure pgp.mit.edu has been a little choosy lately. Maybe to put another serve in `keyserver`? I use «pool.sks-keyservers.net» and it works nice —F
Issue with PGP verification
Hi- I've only seen this issue recently (and I realize it's not mutt-specific) but that's where I see it and I know there are many on the list who have this working well. On many emails with PGP signatures, attempting to view them with mutt from the index I get the message 'Invoking PGP..." for sometimes up to a minute or more (like it's hanging) and then the message body will display and the PGP portion of the header will read something like: [-- PGP output follows (current time: Thu 16 Jul 2020 10:07:19 AM EDT) --] gpg: Signature made Tue 14 Jul 2020 05:27:00 PM EDT gpg:using DSA key 28061C079B06D9752C2445CE8F1F244064FA7AA7 gpg: requesting key 8F1F244064FA7AA7 from hkp server pgp.mit.edu gpg: Can't check signature: No public key [-- End of PGP output --] Do I need to change the server(s) in my gpg.conf file and/or the method by which the key is attempting to be retreived? Thank you! -- Cheers, Trey No lake so still but that it has its wave; No circle so perfect but that it has a blur. I would change things for you if I could; As I can't, you must take them as they are. --Han fei Tzu Linux saturn 5.7.7-arch1-1 x86_64 10:51:36 up 4 days, 3:14, 1 user, load average: 0.79, 0.44, 0.46
Re: Inline PGP Within HTML
On Mon, Apr 27, 2020 at 01:46:26PM -0400, Scott Kostyshak wrote: > > Yeah, I've been trying to explain this to some folks around here > > recently, but not having much success. You have my sympathy. > > Agreed. It is frustrating. But Derek, please don't give up! I gave up a LOOONG time ago. Like others, it's my experience that my efforts were utterly a waste of time. Even if you can figure out to whom you could complain. Often enough such messages are from automated systems with "unmonitored accounts." And when there IS a text alternative, it often enough just says something like, "This e-mail must be viewed with an HTML-capable mail client." They clearly know it's an issue and don't care. -- Derek D. Martinhttp://www.pizzashack.org/ GPG Key ID: 0xDFBEAD02 -=-=-=-=- This message is posted from an invalid address. Replying to it will result in undeliverable mail due to spam prevention. Sorry for the inconvenience. signature.asc Description: PGP signature
Re: Inline PGP Within HTML
On Thu, Apr 30, 2020 at 10:53:32AM -0400, Mark H. Wood wrote: > > A couple more ideas: > > 'maildrop' comes with some nice tools for working with mail in > scripts. (It's also a rather good filtering / routing / piping / > you-name-it MDA.) Maildrop is awesome and so much better than procmail. > Python has some nice standard library classes that are really good > at working with mailboxes (all kinds) and individual messages. Yes, it does. It can also be used very well with the Python bindings for the GnuPG Project's GPGME API. For example, here's a key import practiced on Kevin's key (just because, since you can see that result.unchanged is true and thus already had it). Python 3.8.2 (default, Apr 10 2020, 16:52:52) Type 'copyright', 'credits' or 'license' for more information IPython 7.13.0 -- An enhanced Interactive Python. Type '?' for help. In [1]: import requests In [2]: import gpg In [3]: url = "https://u15940057.ct.sendgrid.net/ls/click?upn=TfVBFLs581SSFDYC71Gnki6ytoyFTNVdUM4dqUBeCPia35bNXiwzFmYClpz3QP21G39Y0NzH9gkmXiwhrGiBpg-3D-3DvPzl_3cJdHWS4A4qHYuI0cbfv110yZgaEGqoy3qsIRLwUxNzRrGopS9bx7-2Bfg7illxJcEW23Jj94-2FxX9QbXBps6sq9ps60TwKp-2BLbC0uPpPIFVdLsL2cY91jwsNnZh-2BTF6GnxtR8PfINUamDg02yqfOsAnA1Tp5UIHFwDtL6Kd5gx1LIigAcwJIMJ3Z-2BO3t4Ixr5-2FTeSHMvBdhGCPK0JJ0KnIsUHfmM9VirJ54dvtwlJuBrQ-3D In [4]: r = requests.get(url) In [5]: result = gpg.Context().key_import(r.content) In [6]: len(result.imports) Out[6]: 1 In [7]: print(result) ImportResult(considered=1, imported=0, imported_rsa=0, imports=[ImportStatus(fpr='8975A9B33AA37910385C5308ADEF768480316BDA', result=0, status=0)], new_revocations=0, new_signatures=0, new_sub_keys=0, new_user_ids=0, no_user_id=0, not_imported=0, secret_imported=0, secret_read=0, secret_unchanged=0, skipped_new_keys=0, skipped_v3_keys=0, unchanged=1) In [8]: It's also documented well enough that getting it to behave with with all sorts of obscure custom stuff should be fairly straight forward. https://u15940057.ct.sendgrid.net/ls/click?upn=TfVBFLs581SSFDYC71Gnkki6qSNYtAoDX72HhaQ1QGBpddfa6Vm1iYIIBKo-2Fou413nRux54jyBPutHuXImlrUCE7OuLoVf4j9OIDFXUgRqo-3DBOt8_3cJdHWS4A4qHYuI0cbfv110yZgaEGqoy3qsIRLwUxNzRrGopS9bx7-2Bfg7illxJcEZKVverhnQMd44ujj7uP5upQKh04GQiU8GohDJPSiZcVvo3nD4iDdOeqp4ZZeu3jR3-2Fn6UR3gxY2ilzxW6kG8800Ru-2BklYNaqx4gcU09POClr7bkB3bLyqeFn5pTkKfyCLSZwBV4IhLweWNSH0b-2Fh6iKVI7rMzSBD7LQ3IQu7wXg-3D Obligatory disclaimer: I wrote the HOWTO and worked on the bindings extensively. Regards, Ben P.S. The HOWTO is hosted on AWS S3, so you can make it HTTPS if you want to trigger and then bypass the SSL wildcard certificate mismatch error message. signature.asc Description: PGP signature
Re: Inline PGP Within HTML
On Tue, Apr 28, 2020 at 12:18:14AM -0500, David Engel wrote: > > We are a small company ahd IT is only one of his many jobss along > with facilities, planning, project management and others. He got IT > because nobody else was willing to do it. The explanation I got for > not embracing an integrated, PGP solution was that he'd tried it > before and that it broke wheneve MS issued an update to Outlook. How many years ago did he try it? GPG4Win has made vast improvements over the last several years. As long as the Windows versions in use are relatively current (i.e post-runtime overhaul), then it should solve much of this. If they're prepared for a bigger change that will solve it and still let them use a GUI editor, then Thunderbird and Enigmail are right there. Hell, it was the default email for Sun Microsystems for years and you need huge amounts of email to screw with it too basly (which I have, which is why returned to Mutt/Neomutt and Emacs, though I actually had that with TB too). > I've shown an integrated solution to the two department heads > repsonsible for most of the users. One of them is my boss. The > problem is there is a lot of inertia behind the current, inefficient > way they do things. Everyone knows it's a pain but they all no how > to do it and are reluctant to change. Well, I guess that's a vehement *no* to the Thunderbird option. > To me, it's mind boggling how much productivity is lost. The text > for each encrypted email must be copied and pasted through the > stand-alone PGP to encrypt of decrypt. File attachements must be > encrypted separately before sending and saved and decrypted > separately upon receipt. It's crazy. Yeah, that's preety crazy and so unnecessary. I mean it's not like we're using PGP 2.x on old mid-'90s era systems. Depending on what the full scope of what the ultimate end result is, it might be possible to be streamlined and automated more, without adversely affecting any other senders or recipients who know how PGP/MIME works and that it's a Good Thing™ (like you). Regards, Ben signature.asc Description: PGP signature
Re: Inline PGP Within HTML
On Thu, Apr 30, 2020 at 05:38:24AM +0100, Dave Woodfall wrote: > On 2020-04-28 00:20, > David Engel put forth the proposition: > > On Mon, Apr 27, 2020 at 06:28:55PM -0500, Sven Semmler wrote: > > > On Sat, Apr 25, 2020 at 09:46:48PM -0500, David Engel wrote: > > > > I've since written a filter to preprocess the HTML and remove the > > > > extra formatting before passing it to w3m. The traditional PGP coming > > > > out of w3m is now properly formatted. Alas, Mutt doesn't recognize it > > > > and automatically decrypt it. > > > > > > I wonder if you could just forward that sanitized block to yourself as > > > plain-text ... then mutt should deal with it just fine? > > > > > > It would add 2-3 keystrokes and be miles away from elegant ... but if it > > > works until you find a better solution... > > > > I tried that and Mutt forwards the original email in tact. Unless > > there's another forward command that sends the decoded text (I didn't > > find ont), I don't think it will work. > > I've never tried to work with encrypted messages via a script, but I > hope this is helpful or gives you some ideas. > > The only thing I can think of is keep trying shell scripting a > solution that would -dump the content from stdin to text, divide the > parts, and then maybe either pipe to less to view it (not so useful > for replying) or email/forward it back to yourself using either the > mutt command line, or mail/mailx + sendmail or whichever MTA you have > handy, hopefully keeping the headers intact or add the envelope from. > > Perhaps decode the encrypted part with gpg from the script, before > forwarding it to yourself. A couple more ideas: 'maildrop' comes with some nice tools for working with mail in scripts. (It's also a rather good filtering / routing / piping / you-name-it MDA.) Python has some nice standard library classes that are really good at working with mailboxes (all kinds) and individual messages. -- Mark H. Wood Lead Technology Analyst University Library Indiana University - Purdue University Indianapolis 755 W. Michigan Street Indianapolis, IN 46202 317-274-0749 www.ulib.iupui.edu signature.asc Description: PGP signature
Re: Inline PGP Within HTML
On Tue, Apr 28, 2020 at 12:20:16AM -0500, David Engel wrote: On Mon, Apr 27, 2020 at 06:28:55PM -0500, Sven Semmler wrote: I wonder if you could just forward that sanitized block to yourself as plain-text ... then mutt should deal with it just fine? I tried that and Mutt forwards the original email in tact. Unless there's another forward command that sends the decoded text (I didn't find ont), I don't think it will work. Try unsetting $mime_forward, and make sure $forward_decode is set (the default). As an aside, starting in 1.12.0, Mutt will offer to include attachments (via the quadoption $forward_attachments) for inline forwarding. -- Kevin J. McCarthy GPG Fingerprint: 8975 A9B3 3AA3 7910 385C 5308 ADEF 7684 8031 6BDA signature.asc Description: PGP signature
Re: Inline PGP Within HTML
On 2020-04-28 00:20, David Engel put forth the proposition: > On Mon, Apr 27, 2020 at 06:28:55PM -0500, Sven Semmler wrote: > > On Sat, Apr 25, 2020 at 09:46:48PM -0500, David Engel wrote: > > > I've since written a filter to preprocess the HTML and remove the > > > extra formatting before passing it to w3m. The traditional PGP coming > > > out of w3m is now properly formatted. Alas, Mutt doesn't recognize it > > > and automatically decrypt it. > > > > I wonder if you could just forward that sanitized block to yourself as > > plain-text ... then mutt should deal with it just fine? > > > > It would add 2-3 keystrokes and be miles away from elegant ... but if it > > works until you find a better solution... > > I tried that and Mutt forwards the original email in tact. Unless > there's another forward command that sends the decoded text (I didn't > find ont), I don't think it will work. I've never tried to work with encrypted messages via a script, but I hope this is helpful or gives you some ideas. The only thing I can think of is keep trying shell scripting a solution that would -dump the content from stdin to text, divide the parts, and then maybe either pipe to less to view it (not so useful for replying) or email/forward it back to yourself using either the mutt command line, or mail/mailx + sendmail or whichever MTA you have handy, hopefully keeping the headers intact or add the envelope from. Perhaps decode the encrypted part with gpg from the script, before forwarding it to yourself. If forwarding/emailing it to yourself doesn't work, you could print the contents into a new file (for maildir) or append to an mbox file (easier). This is how I keep a custom record of sent messages from a shell script. It appends each message to an mbox file: SMS="$HOME/sms/sms" # mbox file subject=${TEXT:0:69} # this is just a substring of the message text date=$(date +'%a %b %d %H:%M:%S %Y') # the format seems important chars=$(printf %s "$TEXT" | wc -m) balen=$(printf %s "$bal" | wc -m) echo "From $FROM $date" >> $SMS echo "Date: $date" >> $SMS echo "To: $NAME <$TO>" >> $SMS echo "From: $FROM" >> $SMS echo "Subject: $subject">> $SMS echo "Status: RO" >> $SMS echo "Content-Length: $((chars+balen))" >> $SMS echo "" >> $SMS echo "$TEXT">> $SMS echo "" >> $SMS echo "$bal" >> $SMS Each message must begin with a `From' line (without a colon). These are the minimum headers that seem to work for me in mutt for mbox format, but YMMV. Calling mutt -f ~/sms/sms will read the messages, which will appear as unread. There should be a way to do this automatically from procmail once you have a workable solution tested. I hope some of this is useful anyway. Dave
Re: Inline PGP Within HTML
On Tue, Apr 28, 2020 at 12:18:14AM -0500, David Engel wrote: > On Mon, Apr 27, 2020 at 01:46:26PM -0400, Scott Kostyshak wrote: > > On Mon, Apr 27, 2020 at 12:32:05PM -0500, Derek Martin wrote: > > > On Sat, Apr 25, 2020 at 09:46:48PM -0500, David Engel wrote: > > > > I've given up politely asking people to remember to send email as > > > > either both text/html and text/plain or just text/plain when sending > > > > to me. It's a losing battle. :( > > > > You've given up *politely* asking? Meaning you are now asking > > impolitely? :) > > I do have to keep working with these people. :) > > > > Yeah, I've been trying to explain this to some folks around here > > > recently, but not having much success. You have my sympathy. > > > > Agreed. It is frustrating. But Derek, please don't give up! Even in the > > worst case scenario, we can slow the acceleration. I especially take the > > time to choose the battles where the email is from an automated system. > > I contact the support and send something like the following: > > > > Could you please modify your automatic emails to also send a > > plain-text version in addition to the HTML email? This is easy to do > > and most professional emails provide a plain text version (this is > > called multi-part MIME). > > > > If this doesn't make sense to you, please forward this request to your > > tech team. > > > > Thanks for your time! > > I have essentially done this but the problem keeps reoccurring. I > think part of the problem might be Outlook itself. I vaguely recall > seeing something about Outlook only sending both text/plain and > text/html when those are the only two parts. If another attachment is > included, I seem to recall that one of the text parts got dropped. I > could be wrong, though. > > I'm considering trying the polite approach again but this including > the pointer to the integrated solution I tested. Maybe I can start > the change from the bottom up. Makes sense. Good luck! Scott
Re: Inline PGP Within HTML
On Mon, Apr 27, 2020 at 01:46:57PM -0600, Akkana Peck wrote: > > > > On Sat, Apr 25, 2020 at 09:46:48PM -0500, David Engel wrote: > > > > I've given up politely asking people to remember to send email as > > > > either both text/html and text/plain or just text/plain when sending > > > > to me. It's a losing battle. :( > > Since I don't have to deal with PGP, increasingly I wish people > would just send HTML and dispense with the text/plain. Lynx or > similar programs work fine inside mutt for HTML mail (if there isn't > too much fancy formatting), I guess we disagree :) > but if there's a text/plain part, more > and more often it's blank, garbled or just unreadable because it > lacks any line breaks. True, this is worse than not sending a plain part. Actually, in this case at least you might realize that you should check for the HTML message. Even worse is if the plain has some info but not all, in which case you might not even realize there's a problem. > Scott Kostyshak writes: > > If this doesn't make sense to you, please forward this request to your > > tech team. > > I wish! But the "tech team" almost never has any idea what MIME > multipart/alternative is, and any attempt to convince them that > they're sending out garbled email just results in "It looks fine > to me and nobody else has complained." > > In fact, out of many complaints about such problems, I don't think > I've *ever* gotten an answer like "Oh, thanks for letting me know, > I guess I never checked the plaintext part." It's been "looks fine > to me" every. single. time. And most of the time, no matter how many > times we go back and forth I can never manage to convince them even > that a text part exists, let alone that it's worth fixing. I have had similar troubles. Most of the time I don't get a response. But once in a while I come across a kind tech support person who is open to the idea and that makes up for the 10 non-responses so I keep trying. Scott
Re: Inline PGP Within HTML
On Mon, Apr 27, 2020 at 06:28:55PM -0500, Sven Semmler wrote: > On Sat, Apr 25, 2020 at 09:46:48PM -0500, David Engel wrote: > > I've since written a filter to preprocess the HTML and remove the > > extra formatting before passing it to w3m. The traditional PGP coming > > out of w3m is now properly formatted. Alas, Mutt doesn't recognize it > > and automatically decrypt it. > > I wonder if you could just forward that sanitized block to yourself as > plain-text ... then mutt should deal with it just fine? > > It would add 2-3 keystrokes and be miles away from elegant ... but if it > works until you find a better solution... I tried that and Mutt forwards the original email in tact. Unless there's another forward command that sends the decoded text (I didn't find ont), I don't think it will work. David -- David Engel da...@istwok.net
Re: Inline PGP Within HTML
On Mon, Apr 27, 2020 at 12:32:05PM -0500, Derek Martin wrote: > On Sat, Apr 25, 2020 at 09:46:48PM -0500, David Engel wrote: > > Hi, > > > > My company uses PGP/GPG when sending sensitive material through email. > > Unfortunately (for them and me), most people use Outlook and our IT > > guy refuses to install any Outlook plugin for them to properly handle > > encypted emails. > > I know this doesn't really help you, but your real problem is you need > to fire your IT guy. As a former one myself, the role of IT should be > to help users solve their legitimate business-need cases of technology > issues, and yours has failed. He needs to be taught that is job is to > aid, not hinder, the business achieving its goals. We are a small company ahd IT is only one of his many jobss along with facilities, planning, project management and others. He got IT because nobody else was willing to do it. The explanation I got for not embracing an integrated, PGP solution was that he'd tried it before and that it broke wheneve MS issued an update to Outlook. > Barring that, you need to seek out those with enough political power > to force your IT guy to do what you need, and convince them to do so. > Everyone has a boss... And if you lack access to those people, it's > just a matter of finding someone you do have access to who does, who > will sympathize, or at least empathize, and make your case for you. I've shown an integrated solution to the two department heads repsonsible for most of the users. One of them is my boss. The problem is there is a lot of inertia behind the current, inefficient way they do things. Everyone knows it's a pain but they all no how to do it and are reluctant to change. To me, it's mind boggling how much productivity is lost. The text for each encrypted email must be copied and pasted through the stand-alone PGP to encrypt of decrypt. File attachements must be encrypted separately before sending and saved and decrypted separately upon receipt. It's crazy. On Mon, Apr 27, 2020 at 01:46:26PM -0400, Scott Kostyshak wrote: > On Mon, Apr 27, 2020 at 12:32:05PM -0500, Derek Martin wrote: > > On Sat, Apr 25, 2020 at 09:46:48PM -0500, David Engel wrote: > > > I've given up politely asking people to remember to send email as > > > either both text/html and text/plain or just text/plain when sending > > > to me. It's a losing battle. :( > > You've given up *politely* asking? Meaning you are now asking > impolitely? :) I do have to keep working with these people. :) > > Yeah, I've been trying to explain this to some folks around here > > recently, but not having much success. You have my sympathy. > > Agreed. It is frustrating. But Derek, please don't give up! Even in the > worst case scenario, we can slow the acceleration. I especially take the > time to choose the battles where the email is from an automated system. > I contact the support and send something like the following: > > Could you please modify your automatic emails to also send a > plain-text version in addition to the HTML email? This is easy to do > and most professional emails provide a plain text version (this is > called multi-part MIME). > > If this doesn't make sense to you, please forward this request to your > tech team. > > Thanks for your time! I have essentially done this but the problem keeps reoccurring. I think part of the problem might be Outlook itself. I vaguely recall seeing something about Outlook only sending both text/plain and text/html when those are the only two parts. If another attachment is included, I seem to recall that one of the text parts got dropped. I could be wrong, though. I'm considering trying the polite approach again but this including the pointer to the integrated solution I tested. Maybe I can start the change from the bottom up. David -- David Engel da...@istwok.net
Re: Inline PGP Within HTML
> > On Sat, Apr 25, 2020 at 09:46:48PM -0500, David Engel wrote: > > > I've given up politely asking people to remember to send email as > > > either both text/html and text/plain or just text/plain when sending > > > to me. It's a losing battle. :( Since I don't have to deal with PGP, increasingly I wish people would just send HTML and dispense with the text/plain. Lynx or similar programs work fine inside mutt for HTML mail (if there isn't too much fancy formatting), but if there's a text/plain part, more and more often it's blank, garbled or just unreadable because it lacks any line breaks. Scott Kostyshak writes: > If this doesn't make sense to you, please forward this request to your > tech team. I wish! But the "tech team" almost never has any idea what MIME multipart/alternative is, and any attempt to convince them that they're sending out garbled email just results in "It looks fine to me and nobody else has complained." In fact, out of many complaints about such problems, I don't think I've *ever* gotten an answer like "Oh, thanks for letting me know, I guess I never checked the plaintext part." It's been "looks fine to me" every. single. time. And most of the time, no matter how many times we go back and forth I can never manage to convince them even that a text part exists, let alone that it's worth fixing. ...Akkana
Re: Inline PGP Within HTML
On Mon, Apr 27, 2020 at 12:32:05PM -0500, Derek Martin wrote: > On Sat, Apr 25, 2020 at 09:46:48PM -0500, David Engel wrote: > > I've given up politely asking people to remember to send email as > > either both text/html and text/plain or just text/plain when sending > > to me. It's a losing battle. :( You've given up *politely* asking? Meaning you are now asking impolitely? :) > Yeah, I've been trying to explain this to some folks around here > recently, but not having much success. You have my sympathy. Agreed. It is frustrating. But Derek, please don't give up! Even in the worst case scenario, we can slow the acceleration. I especially take the time to choose the battles where the email is from an automated system. I contact the support and send something like the following: Could you please modify your automatic emails to also send a plain-text version in addition to the HTML email? This is easy to do and most professional emails provide a plain text version (this is called multi-part MIME). If this doesn't make sense to you, please forward this request to your tech team. Thanks for your time! Best, Scott
Re: Inline PGP Within HTML
On Sat, Apr 25, 2020 at 09:46:48PM -0500, David Engel wrote: > Hi, > > My company uses PGP/GPG when sending sensitive material through email. > Unfortunately (for them and me), most people use Outlook and our IT > guy refuses to install any Outlook plugin for them to properly handle > encypted emails. I know this doesn't really help you, but your real problem is you need to fire your IT guy. As a former one myself, the role of IT should be to help users solve their legitimate business-need cases of technology issues, and yours has failed. He needs to be taught that is job is to aid, not hinder, the business achieving its goals. Barring that, you need to seek out those with enough political power to force your IT guy to do what you need, and convince them to do so. Everyone has a boss... And if you lack access to those people, it's just a matter of finding someone you do have access to who does, who will sympathize, or at least empathize, and make your case for you. > I've given up politely asking people to remember to send email as > either both text/html and text/plain or just text/plain when sending > to me. It's a losing battle. :( Yeah, I've been trying to explain this to some folks around here recently, but not having much success. You have my sympathy. -- Derek D. Martinhttp://www.pizzashack.org/ GPG Key ID: 0xDFBEAD02 -=-=-=-=- This message is posted from an invalid address. Replying to it will result in undeliverable mail due to spam prevention. Sorry for the inconvenience. signature.asc Description: PGP signature
Re: Inline PGP Within HTML
On Sun, Apr 26, 2020 at 11:31:36AM -0700, Kevin J. McCarthy wrote: > On Sun, Apr 26, 2020 at 01:15:26PM -0500, David Engel wrote: > > Thanks for the tip. Mutt still doesn't recognize the PGP block, > > however. :( That's not surprising. It probably doesn't check the > > processed output because no sane person would wrap a PGP block in > > HTML! > > Yes, sorry that's right. Mutt doesn't check autoview output - it's rendered > and that's it. Perhaps the pipe you wrote could filter and generate a new > message (in a temporary mailbox) of content-type text/plain. How about a utiltiy that takes the text/html part, formats it as text and then replaces it with a multipart/atlternative containg both the original text/html and the new text/plain. Even better if Mutt could do that itself. In the for what it's worth department. I rechecked using Gpg4Win with Outlook. It's the solution for Windows/Outlook users that I previoulsy pushed. It handled the HTML-encapsulated PGP block just fine. David -- David Engel da...@istwok.net
Re: Inline PGP Within HTML
On Sun, Apr 26, 2020 at 01:15:26PM -0500, David Engel wrote: Thanks for the tip. Mutt still doesn't recognize the PGP block, however. :( That's not surprising. It probably doesn't check the processed output because no sane person would wrap a PGP block in HTML! Yes, sorry that's right. Mutt doesn't check autoview output - it's rendered and that's it. Perhaps the pipe you wrote could filter and generate a new message (in a temporary mailbox) of content-type text/plain. -- Kevin J. McCarthy GPG Fingerprint: 8975 A9B3 3AA3 7910 385C 5308 ADEF 7684 8031 6BDA signature.asc Description: PGP signature
Re: Inline PGP Within HTML
On Sun, Apr 26, 2020 at 11:59:43AM +0200, Jens John wrote: > On Sat, Apr 25, 2020 at 09:46:48PM -0500, David Engel wrote: > > IT guy refuses to install any Outlook plugin for them to properly > > handle encypted emails. > > Outlook has pretty comprehensive, native support for encrypting and > signing with S/MIME. Perhaps your IT guy would be more open to just > using a well-documented Outlook feature? As mutt has support for S/MIME > too, this might be much more workable than insisting on PGP. I've suggested that before. A few of us even had to use S/MIME for a while when a customer required us to. Basically, it boils down to inertia. PGP already works (for their definition of works) so why change. David -- David Engel da...@istwok.net
Re: Inline PGP Within HTML
On Sun, Apr 26, 2020 at 09:13:59AM +0100, Dave Woodfall wrote: > On 2020-04-26 08:04, > Dave Woodfall put forth the proposition: > > On 2020-04-25 21:46, > > David Engel put forth the proposition: > > > Hi, > > > > > > > Elinks[1] has an option to `compress-empty-lines'. Other than that > > perhaps piping the -dumped text through cat -s or --squeeze-blank > > might work - e.g. `w3m -dump | cat -d ...' > > > > [1] http://elinks.or.cz/index.html > > Oops, I meant: `w3m -dump | cat -s ...' Thanks for the tip. Mutt still doesn't recognize the PGP block, however. :( That's not surprising. It probably doesn't check the processed output because no sane person would wrap a PGP block in HTML! David -- David Engel da...@istwok.net
Re: Inline PGP Within HTML
On Sat, Apr 25, 2020 at 09:46:48PM -0500, David Engel wrote: > IT guy refuses to install any Outlook plugin for them to properly > handle encypted emails. Outlook has pretty comprehensive, native support for encrypting and signing with S/MIME. Perhaps your IT guy would be more open to just using a well-documented Outlook feature? As mutt has support for S/MIME too, this might be much more workable than insisting on PGP.
Re: Inline PGP Within HTML
On 2020-04-26 08:04, Dave Woodfall put forth the proposition: > On 2020-04-25 21:46, > David Engel put forth the proposition: > > Hi, > > > > Elinks[1] has an option to `compress-empty-lines'. Other than that > perhaps piping the -dumped text through cat -s or --squeeze-blank > might work - e.g. `w3m -dump | cat -d ...' > > [1] http://elinks.or.cz/index.html Oops, I meant: `w3m -dump | cat -s ...'
Re: Inline PGP Within HTML
On 2020-04-25 21:46, David Engel put forth the proposition: > Hi, > > My company uses PGP/GPG when sending sensitive material through email. > Unfortunately (for them and me), most people use Outlook and our IT > guy refuses to install any Outlook plugin for them to properly handle > encypted emails. Consequently, I receive such sensitive material as > traditional, PGP which the Outlook users have copied and pasted the > output from PGP into the email. They have to copy and paste the other > direction through PGP when they receive encrypted email. > > When the traditional PGP is sent to me as text/plain, Mutt handles it > just fine automatically and I silently laugh at the hoops the Outlook > users have to jump through to send and receive encrypted email. > However, after a recent Outlook upgrade/reinstall, I now frequently > receive the traditional PGP as text/html. Mutt doesn't recognize the > traditioinal PGP after after the entire html part gets sent through > w3m as directed by my .mailcap. I've given up politely asking people > to remember to send email as either both text/html and text/plain or > just text/plain when sending to me. It's a losing battle. :( > > Anyway, I'd hoped the unrecognition of the traditional PGP in HTML was > due to the formatting done by w3m. Outlook adorns the pssted in text > with additional and tags that cause w3m to double-space the > output making it look like the following. Links2 does the same thing. Elinks[1] has an option to `compress-empty-lines'. Other than that perhaps piping the -dumped text through cat -s or --squeeze-blank might work - e.g. `w3m -dump | cat -d ...' [1] http://elinks.or.cz/index.html
Inline PGP Within HTML
Hi, My company uses PGP/GPG when sending sensitive material through email. Unfortunately (for them and me), most people use Outlook and our IT guy refuses to install any Outlook plugin for them to properly handle encypted emails. Consequently, I receive such sensitive material as traditional, PGP which the Outlook users have copied and pasted the output from PGP into the email. They have to copy and paste the other direction through PGP when they receive encrypted email. When the traditional PGP is sent to me as text/plain, Mutt handles it just fine automatically and I silently laugh at the hoops the Outlook users have to jump through to send and receive encrypted email. However, after a recent Outlook upgrade/reinstall, I now frequently receive the traditional PGP as text/html. Mutt doesn't recognize the traditioinal PGP after after the entire html part gets sent through w3m as directed by my .mailcap. I've given up politely asking people to remember to send email as either both text/html and text/plain or just text/plain when sending to me. It's a losing battle. :( Anyway, I'd hoped the unrecognition of the traditional PGP in HTML was due to the formatting done by w3m. Outlook adorns the pssted in text with additional and tags that cause w3m to double-space the output making it look like the following. Links2 does the same thing. -BEGIN PGP MESSAGE- Version: PGP Desktop 10.2.1 (Build 4461) Charset: utf-8 qANQR1DBwEwDMFKBIik8rZcBB/wPW8jUNyil8aMIjRDmLCWcYkk340hW7jbGdiBV I've since written a filter to preprocess the HTML and remove the extra formatting before passing it to w3m. The traditional PGP coming out of w3m is now properly formatted. Alas, Mutt doesn't recognize it and automatically decrypt it. Is there anyway I can get Mutt to recognize the traditional PGP after going through my filter and w3m? If not, I'm going to have to write another filter to postprocess the text coming from w3m to recognize traditional PGP and decrypt it while leaving any surrounding text. Unconditionally running the output through gpg -d doesn't work. gpg errors out when there isn't any encrypted part to decrypt and also doesn't preserve the surrounding text. Even if I can get this postprocessing to work, Mutt won't know that the original email was encrypted and automatically encrypt any replies I send. David -- David Engel da...@istwok.net
Re: PGP SIGNED MESSAGE in mutt not checked
On Mon, Feb 17, 2020 at 07:03:59AM +0100, Matthias Apitz wrote: I receive mails from some friend with the structure shown below, private data removed or overwritten. How mutt could check automagically the signed content or is there something missing in the mail header? The message is inline signed. There is no indication in the headers that the message is signed, so Mutt doesn't know to check the signature by default. Setting $pgp_auto_decode tells Mutt to scan each message just before displaying it in the pager (and also when replying, forwarding, or editing the message.) Alternatively, you can manually invoke , by default bound to Esc-P, in the index and pager. But I'd like to have mutt do this on the flight already in the Index page... There isn't an option to automatically scan before displaying in the index. That would greatly slow down opening mailboxes, because each message would have to be parsed and scanned. -- Kevin J. McCarthy GPG Fingerprint: 8975 A9B3 3AA3 7910 385C 5308 ADEF 7684 8031 6BDA signature.asc Description: PGP signature
PGP SIGNED MESSAGE in mutt not checked
Hello I receive mails from some friend with the structure shown below, private data removed or overwritten. How mutt could check automagically the signed content or is there something missing in the mail header? Ofc, I can pipe the body through '|gpg2 --verify' or define a key in mutt todo so. But I'd like to have mutt do this on the flight already in the Index page... Thanks - Forwarded message from XX - From: XX Subject: Re: X To: Matthias Apitz References: <20200206203936.GA2808@c720-r342378> Message-ID: Date: Sun, 16 Feb 2020 18:56:28 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.4.1 MIME-Version: 1.0 In-Reply-To: <20200214212923.GA2743@c720-r342378> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Content-Language: de-DE X-Envelope-To: g...@unixarea.de Status: RO Content-Length: 1630 Lines: 49 -----BEGIN PGP SIGNED MESSAGE- Hash: SHA1 -----BEGIN PGP SIGNATURE- iF0EARECAB0WIQRUA9NDG0Yepqex7DX6YxG8W2vJLgUCXkmCLQAKCRD6YxG8W2vJ LkwCAJ9onJh++VZB62WNSyJXS//2ZaLIYgCeNMBbplwX1V/3KuOTQ9pi60Z7fCg= =f73L -END PGP SIGNATURE- - End forwarded message - -- Matthias Apitz, ✉ g...@unixarea.de, http://www.unixarea.de/ +49-176-38902045 Public GnuPG key: http://www.unixarea.de/key.pub signature.asc Description: PGP signature
Re: Composing ask From: address and arbitrary keys in PGP
> After using your configration, it still gives me error: Source error > ~/.config/neomutt/profiles.d/1.rc > > It seems something important is missing from the code. There’s always the chance that copy and paste did mess up something. Maybe this will fix it for you: https://pastebin.com/cmJS7mz5 Good luck! Robert
Re: Composing ask From: address and arbitrary keys in PGP
On Thu, Aug 01, 2019 at 05:50:59AM +, Ryan Smith wrote: The identity macro does work, but it will not work for setting custom header in composing new emails as hdr is set before about sending emails. I tried gpgme which does not seems to give me any option to select self encrypt key based on From: , but always use default key Can you illustrate more on how to select signing key based on From: in gpgme? gpgme seems also only uses default key as sign as if you have multiple accounts and different for keys for each account. Ryan Sorry I wasn't clear. Re-reading what I wrote, seems to suggest I select the From: and then the appropiate key gets auto-selected. That doesn't happen. The default key remains the default key. If I select a different From: and want a signing key for that identity, I select the appropriate key from the gpg sign-as multi-selection. The other way of doing it is to have two mutt sessions each running in screen or tmux, each with different muttrc files with different identities and different signing defaults. This is how I keep work emails amd mailing list emails separate. -- J. signature.asc Description: PGP signature
Re: Composing ask From: address and arbitrary keys in PGP
On Thu, Aug 01, 2019 at 09:58:54PM +, Robert wrote: > > > An example identity could look like this in the profiles.rc: > > > > > > macro index 1 'source > > > ~/.config/neomutt/profiles.d/1.rc' > > > macro compose 1 'source > > > > > > ~/.config/neomutt/profiles.d/1.rccurrent-from' > > > reply-hook '~C ^per...@example.com$' 'source > > > ~/.config/neomutt/profiles.d/1.rc' > > > I tried your code in both mutt and neomutt, created that 1.rc file in > > the relevant directory, and both of them gives me error > > > > Error in .muttrc, ~/.config/neomutt/profiles.d/1.rc: unknown > > command > > Error in .muttrc, > > ~/.config/neomutt/profiles.d/1.rccurrent-from: > > unknown command > > Error in .muttrc, ~/.config/neomutt/profiles.d/1.rc: unknown command > > > > for mutt I also created a 1.rc file in ~.mutt/profiles.d/1.rc, still > > gives me the same errors. > > Hm, looks like you took the line breaks verbatim from the mail. Let me > rephrase my previous code: > > macro index 1 'source > ~/.config/neomutt/profiles.d/1.rc > macro compose 1 'source > ~/.config/neomutt/profiles.d/1.rccurrent-from' > reply-hook '~C ^per...@example.com$' 'source > ~/.config/neomutt/profiles.d/1.rc' > > That's three lines. > > > Can you check your codes to see if you typed correctly or you may have > > left something? > > Nope, that's pretty much my setup. Of course, I generate the profiles.rc > and the profile.d/*.rc files with a script based on a yaml file, but the > generated configuration looks just like that. > > > Hope that helps, > Robert > After using your configration, it still gives me error: Source error ~/.config/neomutt/profiles.d/1.rc It seems something important is missing from the code. Ryan
Re: Composing ask From: address and arbitrary keys in PGP
> > An example identity could look like this in the profiles.rc: > > > > macro index 1 'source > > ~/.config/neomutt/profiles.d/1.rc' > > macro compose 1 'source > > > > ~/.config/neomutt/profiles.d/1.rccurrent-from' > > reply-hook '~C ^per...@example.com$' 'source > > ~/.config/neomutt/profiles.d/1.rc' > I tried your code in both mutt and neomutt, created that 1.rc file in > the relevant directory, and both of them gives me error > > Error in .muttrc, ~/.config/neomutt/profiles.d/1.rc: unknown > command > Error in .muttrc, > ~/.config/neomutt/profiles.d/1.rccurrent-from: > unknown command > Error in .muttrc, ~/.config/neomutt/profiles.d/1.rc: unknown command > > for mutt I also created a 1.rc file in ~.mutt/profiles.d/1.rc, still > gives me the same errors. Hm, looks like you took the line breaks verbatim from the mail. Let me rephrase my previous code: macro index 1 'source ~/.config/neomutt/profiles.d/1.rc macro compose 1 'source ~/.config/neomutt/profiles.d/1.rccurrent-from' reply-hook '~C ^per...@example.com$' 'source ~/.config/neomutt/profiles.d/1.rc' That's three lines. > Can you check your codes to see if you typed correctly or you may have > left something? Nope, that's pretty much my setup. Of course, I generate the profiles.rc and the profile.d/*.rc files with a script based on a yaml file, but the generated configuration looks just like that. Hope that helps, Robert
Re: Composing ask From: address and arbitrary keys in PGP
The identity macro does work, but it will not work for setting custom header in composing new emails as hdr is set before about sending emails. I tried gpgme which does not seems to give me any option to select self encrypt key based on From: , but always use default key Can you illustrate more on how to select signing key based on From: in gpgme? gpgme seems also only uses default key as sign as if you have multiple accounts and different for keys for each account. Ryan Original Message From: tech-lists Sent: July 27, 2019 3:55:07 PM UTC To: mutt-users@mutt.org Subject: Re: Composing ask From: address and arbitrary keys in PGP On Fri, Jul 26, 2019 at 05:12:08AM +, g...@riseup.net wrote: > 1. When composing messages, mutt ask To: or recipient adress and > Subject: and then go to editor. How to make mutt ask for > From: or sender address only and then go to editor? I use this, in muttrc: # my identities macro compose v "^Uidentity_" "Select from" alias identity_a0 tech-lists alias identity_a1 someotheraddress [...etc...] and use v then hit tab to get a selectable list. This selected when about to send the email. I'm unsure what the proper name for that part of mutt is. I use gpgme which selects the signing key based on From: -- J.
Re: Composing ask From: address and arbitrary keys in PGP
On 2019-07-26 21:36, Derek Martin wrote: > On Fri, Jul 26, 2019 at 05:12:08AM +, g...@riseup.net wrote: >> 1. When composing messages, mutt ask To: or recipient adress and >> Subject and then go to editor. How to make mutt ask for From: or >> sender address only and then go to editor? >> > The typical way to do this is with send hooks or folder hooks. Use > my_hdr in one of those hooks to set the From: line. It only works on reply messages, but not composing new messages as I explained in my previous messages about mutt compose flow. > >> 2. In PGP, mutt has crypt_opportunistic_encrypt to select keys based >> on To: address to the recipient. But PGP also need From: address or >> sender's key to encrypt messages, sign messages or even attch their >> own public key. By default, mutt uses system default key or oldest >> key created for encryption, sign messages or attach public key. > > Same answer as above, but instead set pgp_sign_as. If need be you can > use a hook to set your pgp_encrypt_only_command and/or > pgp_encrypt_sign_command (and set the ID to use in those, or use a > different gnupg options file, etc.). Again It only works on reply messages, but not composing new messages as I explained in my previous messages. Hence, asking From: address before getting into editor is very important for multiple email accounts or identities setting and mutt should have such a feature. If it asks To: and Subject:, why not From:? If people do not like it, mutt should also provide syntax to turn each section or all sections off.
Re: Composing ask From: address and arbitrary keys in PGP
On 2019-07-26 19:30, Kevin J. McCarthy wrote: > On Fri, Jul 26, 2019 at 05:12:08AM +, g...@riseup.net wrote: >>1. When composing messages, mutt ask To: or recipient adress and Subject: and >>then go to editor. How to make mutt ask for From: or sender address only and >>then go to editor? > > Mutt doesn't have an option for that. Custom From headers can be > controlled by folder-hook, reply-hook, send-hook, or even macros; > typically via setting my_hdr. $edit_headers is also useful. > > See <http://www.mutt.org/doc/manual/#compose-flow> for a (somewhat > terse) overview of message composition. As these compose flow suggests, the hooks setting custom header or my_hdr only work for reply messages, not compose new messages because my_hdr is set before getting into the editor. Because mutt does not ask which email address or identity I use as From: section, hooks does not know it either and hence will not generate different headers based on different identities or email addresses (From: address not To:) Hooks only work if it knows emails address before getting into editor. Therefore, maybe mutt should add such a feature, which is very important for multiple identities or email addresses. If it ask To: and Subject:, why not ask From:? If people do not want it and prefer to get into editor directly, they can also turn it off. > >>2. In PGP, mutt has crypt_opportunistic_encrypt to select keys based on To: >>address to the recipient. But PGP also need From: address or sender's key to >>encrypt messages > > Encrypting to self is controlled by $pgp_self_encrypt and $pgp_default_key. > >>, sign messages > > The signing key is also controlled by $pgp_default_key, and can be > overridden by $pgp_sign_as or the compose "sign (a)s" > option. This works smoothly for one email account or one identity, (people can set default or one pgp_self_encrypt) but not multiple identities or email accounts where people do not want default PGP key, but provide me a list of my own keys to choose from based on From: to encrypt. In website, https://gitlab.com/muttmua/mutt/wikis/MuttGuide/UseGPG, the instructions are also very short and only for one email accounts. It is probably a good idea to provide instructions on multiple accounts and multiple PGP keys. If we know how to do it in multiple email accounts, we naturally know how to do it in one account. Ryan
Re: Composing ask From: address and arbitrary keys in PGP
On 2019-07-27 09:42, Robert wrote: > On 2019-07-26, 05:12, g...@riseup.net wrote: >> 1. When composing messages, mutt ask To: or recipient adress and Subject: >> and then go to editor. How to make mutt ask for From: or sender address only >> and then go to editor? >> This is useful for people with multiple accounts or multiple identities in >> each email account if they set custom headers based on each email account or >> identity eg, From: address. > > As it has been suggested earlier, a common way to handle this is the > reply-hook. I would like to elaborate on this a bit, since you mentioned > custom headers per identity: > > I'm using a profiles.rc file as a dispatcher for all identities > (reply-hooks and shortcuts to toggle between identities) and as a fix > point to include from muttrc. > > Each identity is a separate rc file which is then source'd. > > An example identity could look like this in the profiles.rc: > > macro index 1 'source > ~/.config/neomutt/profiles.d/1.rc' > macro compose 1 'source > > ~/.config/neomutt/profiles.d/1.rccurrent-from' > reply-hook '~C ^per...@example.com$' 'source > ~/.config/neomutt/profiles.d/1.rc' > > That'll enable the 1 shortcut in both index and compose to switch > to profile 1. In compose it will also set the from accordingly (using a > alias that's set inside the 1.rc). > > The 1.rc might look like this: > > source ~/.config/neomutt/profiles.d/clear.rc > > set from="per...@example.com" > set realname="Example Person" > alias current-from per...@example.com (Person) > set pgp_sign_as = ... > set crypt_autosign = ... > > set record = +sent-mail > set postponed = +drafts > set trash = +dustbin > > clear.rc is a generic "blank profile" that resets all values so make > sure that profiles don't bleed into each other. > > And from then on you can just add all the values that you want to have > set in this identity. > > As you can see, you can even set the folders for sent mail, postponed > messages and the trash. > > Hope this helps! > Robert I tried your code in both mutt and neomutt, created that 1.rc file in the relevant directory, and both of them gives me error Error in .muttrc, ~/.config/neomutt/profiles.d/1.rc: unknown command Error in .muttrc, ~/.config/neomutt/profiles.d/1.rccurrent-from: unknown command Error in .muttrc, ~/.config/neomutt/profiles.d/1.rc: unknown command for mutt I also created a 1.rc file in ~.mutt/profiles.d/1.rc, still gives me the same errors. Can you check your codes to see if you typed correctly or you may have left something? Ryan
Re: Composing ask From: address and arbitrary keys in PGP
On Fri, Jul 26, 2019 at 05:12:08AM +, g...@riseup.net wrote: 1. When composing messages, mutt ask To: or recipient adress and Subject: and then go to editor. How to make mutt ask for From: or sender address only and then go to editor? I use this, in muttrc: # my identities macro compose v "^Uidentity_" "Select from" alias identity_a0 tech-lists alias identity_a1 someotheraddress [...etc...] and use v then hit tab to get a selectable list. This selected when about to send the email. I'm unsure what the proper name for that part of mutt is. I use gpgme which selects the signing key based on From: -- J. signature.asc Description: PGP signature
Re: Composing ask From: address and arbitrary keys in PGP
On 2019-07-26, 05:12, g...@riseup.net wrote: > 1. When composing messages, mutt ask To: or recipient adress and Subject: and > then go to editor. How to make mutt ask for From: or sender address only and > then go to editor? > This is useful for people with multiple accounts or multiple identities in > each email account if they set custom headers based on each email account or > identity eg, From: address. As it has been suggested earlier, a common way to handle this is the reply-hook. I would like to elaborate on this a bit, since you mentioned custom headers per identity: I'm using a profiles.rc file as a dispatcher for all identities (reply-hooks and shortcuts to toggle between identities) and as a fix point to include from muttrc. Each identity is a separate rc file which is then source'd. An example identity could look like this in the profiles.rc: macro index 1 'source ~/.config/neomutt/profiles.d/1.rc' macro compose 1 'source ~/.config/neomutt/profiles.d/1.rccurrent-from' reply-hook '~C ^per...@example.com$' 'source ~/.config/neomutt/profiles.d/1.rc' That'll enable the 1 shortcut in both index and compose to switch to profile 1. In compose it will also set the from accordingly (using a alias that's set inside the 1.rc). The 1.rc might look like this: source ~/.config/neomutt/profiles.d/clear.rc set from="per...@example.com" set realname="Example Person" alias current-from per...@example.com (Person) set pgp_sign_as = ... set crypt_autosign = ... set record = +sent-mail set postponed = +drafts set trash = +dustbin clear.rc is a generic "blank profile" that resets all values so make sure that profiles don't bleed into each other. And from then on you can just add all the values that you want to have set in this identity. As you can see, you can even set the folders for sent mail, postponed messages and the trash. Hope this helps! Robert
Re: Composing ask From: address and arbitrary keys in PGP
On Fri, Jul 26, 2019 at 05:12:08AM +, g...@riseup.net wrote: > 1. When composing messages, mutt ask To: or recipient adress and > Subject and then go to editor. How to make mutt ask for From: or > sender address only and then go to editor? > The typical way to do this is with send hooks or folder hooks. Use my_hdr in one of those hooks to set the From: line. > 2. In PGP, mutt has crypt_opportunistic_encrypt to select keys based > on To: address to the recipient. But PGP also need From: address or > sender's key to encrypt messages, sign messages or even attch their > own public key. By default, mutt uses system default key or oldest > key created for encryption, sign messages or attach public key. Same answer as above, but instead set pgp_sign_as. If need be you can use a hook to set your pgp_encrypt_only_command and/or pgp_encrypt_sign_command (and set the ID to use in those, or use a different gnupg options file, etc.). -- Derek D. Martinhttp://www.pizzashack.org/ GPG Key ID: 0xDFBEAD02 -=-=-=-=- This message is posted from an invalid address. Replying to it will result in undeliverable mail due to spam prevention. Sorry for the inconvenience. pgp99hj0x7amQ.pgp Description: PGP signature
Re: Composing ask From: address and arbitrary keys in PGP
On Fri, Jul 26, 2019 at 05:12:08AM +, g...@riseup.net wrote: 1. When composing messages, mutt ask To: or recipient adress and Subject: and then go to editor. How to make mutt ask for From: or sender address only and then go to editor? Mutt doesn't have an option for that. Custom From headers can be controlled by folder-hook, reply-hook, send-hook, or even macros; typically via setting my_hdr. $edit_headers is also useful. See <http://www.mutt.org/doc/manual/#compose-flow> for a (somewhat terse) overview of message composition. 2. In PGP, mutt has crypt_opportunistic_encrypt to select keys based on To: address to the recipient. But PGP also need From: address or sender's key to encrypt messages Encrypting to self is controlled by $pgp_self_encrypt and $pgp_default_key. , sign messages The signing key is also controlled by $pgp_default_key, and can be overridden by $pgp_sign_as or the compose "sign (a)s" option. -- Kevin J. McCarthy GPG Fingerprint: 8975 A9B3 3AA3 7910 385C 5308 ADEF 7684 8031 6BDA signature.asc Description: PGP signature
Re: Composing ask From: address and arbitrary keys in PGP
On Fri, Jul 26, 2019 at 05:12:08AM +, g...@riseup.net wrote: > 1. When composing messages, mutt ask To: or recipient adress and Subject: and > then go to editor. How to make mutt ask for From: or sender address only and > then go to editor? > > This is useful for people with multiple accounts or multiple identities in > each email account if they set custom headers based on each email account or > identity eg, From: address. > > 2. In PGP, mutt has crypt_opportunistic_encrypt to select keys based on To: > address to the recipient. But PGP also need From: address or sender's key to > encrypt messages, sign messages or even attch their own public key. By > default, mutt uses system default key or oldest key created for encryption, > sign messages or attach public key. > > How to choose arbitrary keys from PGP key chain as From: or sender's key to > sign, encrypt or attach? Are there also some > "From_crypt_opportunistic_encrypt" based on sende' key? > It is probaby a good idea if mutt has an option to show a list of all PGP keys that people can choose from, as From: or sender's key to sign, encrypt or attach, every time they compose a PGP message, if they have multiple email accounts. Such option may even also be good for choosing recipient key because some people use PGP keys that are different from their email address. > People with multiple accounts or multiple identities in each email account > may want to use different keys that match their corresponding email accounts > or From: address to sign, encrypt or attach in corresponding messages. > > Ryan > >
Composing ask From: address and arbitrary keys in PGP
1. When composing messages, mutt ask To: or recipient adress and Subject: and then go to editor. How to make mutt ask for From: or sender address only and then go to editor? This is useful for people with multiple accounts or multiple identities in each email account if they set custom headers based on each email account or identity eg, From: address. 2. In PGP, mutt has crypt_opportunistic_encrypt to select keys based on To: address to the recipient. But PGP also need From: address or sender's key to encrypt messages, sign messages or even attch their own public key. By default, mutt uses system default key or oldest key created for encryption, sign messages or attach public key. How to choose arbitrary keys from PGP key chain as From: or sender's key to sign, encrypt or attach? Are there also some "From_crypt_opportunistic_encrypt" based on sende' key? People with multiple accounts or multiple identities in each email account may want to use different keys that match their corresponding email accounts or From: address to sign, encrypt or attach in corresponding messages. Ryan
Re: Check PGP sigs only when I need to
On 2018-09-26 16:23, Kevin J. McCarthy wrote: > > Well I thought about that. But I really want to check the sig _when I > > am already on the message_. How do I make mutt re-read the message and > > check the sig in my macro? > > set crypt_verify_sig=no > macro pager ,cs \ > "set crypt_verify_sig=yes\ > set crypt_verify_sig=no" "manual-check-signature" And this seems to work, thanks. -- Please don't Cc: me privately on mailing lists and Usenet, if you also post the followup to the list or newsgroup. To reply privately _only_ on Usenet and on broken lists which rewrite From, fetch the TXT record for no-use.mooo.com.
Re: Check PGP sigs only when I need to
On Wed, Sep 26, 2018 at 03:51:45PM -0700, Ian Zimmerman wrote: > Well I thought about that. But I really want to check the sig _when I > am already on the message_. How do I make mutt re-read the message and > check the sig in my macro? set crypt_verify_sig=no macro pager ,cs \ "set crypt_verify_sig=yes\ set crypt_verify_sig=no" "manual-check-signature" -- Kevin J. McCarthy GPG Fingerprint: 8975 A9B3 3AA3 7910 385C 5308 ADEF 7684 8031 6BDA signature.asc Description: PGP signature
Re: Check PGP sigs only when I need to
On 2018-09-26 21:12, David Woodfall wrote: > > The ideal solution I dream about is a specific command/keystroke to > > check the signature of a message, when already viewing that message. > > Strange as it is this natural command doesn't seem to exist - or am I > > wrong about this? And if I'm right would it make sense to add such a > > command? > > > You can make a key bind/macro to do pretty much everything, including > changing settings like that. > Well I thought about that. But I really want to check the sig _when I am already on the message_. How do I make mutt re-read the message and check the sig in my macro? -- Please don't Cc: me privately on mailing lists and Usenet, if you also post the followup to the list or newsgroup. To reply privately _only_ on Usenet and on broken lists which rewrite From, fetch the TXT record for no-use.mooo.com.
Re: Check PGP sigs only when I need to
On Wednesday 26 September 2018 10:14, Ian Zimmerman put forth the proposition: > Hello mutt lovers, > > I still have not found a good way to check PGP signatures. The root > problem is that many (probably more than half) signatures on mailing > list messages, including this one, are broken. I have given up on > addressing that root problem, but I would still like to check signatures > on private messages on occasion. I know about the variable > crypt_verify_sig, but it's not a real solution in itself (ie. when set > to ask-no) because I still waste time responding to the prompt. I could > set it in a folder hook to yes or no depending on the folder, but I am > also trying to avoid folder hooks as much as possible, with their > complexity and opacity [1]. > > The ideal solution I dream about is a specific command/keystroke to > check the signature of a message, when already viewing that message. > Strange as it is this natural command doesn't seem to exist - or am I > wrong about this? And if I'm right would it make sense to add such a > command? > > [1] > How many people really know the exact rules by which the pattern in a > folder hook matches? > > -- > Please don't Cc: me privately on mailing lists and Usenet, > if you also post the followup to the list or newsgroup. > To reply privately _only_ on Usenet and on broken lists > which rewrite From, fetch the TXT record for no-use.mooo.com. You can make a key bind/macro to do pretty much everything, including changing settings like that. -- Dave "... being a Linux user is sort of like living in a house inhabited by a large family of carpenters and architects. Every morning when you wake up, the house is a little different. Maybe there is a new turret, or some walls have moved. Or perhaps someone has temporarily removed the floor under your bed." - Unix for Dummies, 2nd Edition -- found in the .sig of Rob Riggs, rri...@tesser.com .--. oo ()// ~'
Check PGP sigs only when I need to
Hello mutt lovers, I still have not found a good way to check PGP signatures. The root problem is that many (probably more than half) signatures on mailing list messages, including this one, are broken. I have given up on addressing that root problem, but I would still like to check signatures on private messages on occasion. I know about the variable crypt_verify_sig, but it's not a real solution in itself (ie. when set to ask-no) because I still waste time responding to the prompt. I could set it in a folder hook to yes or no depending on the folder, but I am also trying to avoid folder hooks as much as possible, with their complexity and opacity [1]. The ideal solution I dream about is a specific command/keystroke to check the signature of a message, when already viewing that message. Strange as it is this natural command doesn't seem to exist - or am I wrong about this? And if I'm right would it make sense to add such a command? [1] How many people really know the exact rules by which the pattern in a folder hook matches? -- Please don't Cc: me privately on mailing lists and Usenet, if you also post the followup to the list or newsgroup. To reply privately _only_ on Usenet and on broken lists which rewrite From, fetch the TXT record for no-use.mooo.com.
pgp-signed flag in index updated when expunging folder?
Hi mutt list, here is a funny behavior which might be explainable but let me nevertheless ask you about. Changing to one of my mail folders the 's' flag denoting pgp-signed mails is not displayed for such messages not until I execute 'expunge' deleted mails from this folder, at which point the flag is set. I assume that mutt updates the flags when such an action is executed and the folder is somehow refreshed, but then why does it only happen with the 's' flag and not others? Thank you for all ideas! Peter
Re: Minor annoyance with mutt, crypt_replyencrypt and PGP
On Wed, Apr 19, 2017 at 07:21:56AM -0700, Kevin J. McCarthy wrote: > Sorry, I may have misunderstood. If you're in the select key menu, > showing a list of matching keys, you can hit 'q' to exit the menu. It > should then display a prompt: "Enter keyID for xxx: ". You should then > be able to hit ctrl-g at that prompt and it will bring you back to the > compose menu. C-g is a 'generic' abort key for prompts. > > I don't think 1.5.23 was different with this behavior, but it has been a > while since I used that version. :-) Cheers, it works!
Re: Minor annoyance with mutt, crypt_replyencrypt and PGP
On Wed, Apr 19, 2017 at 06:56:37AM +0200, Francesco Ariis wrote: > Hello Kevin, > > On Tue, Apr 18, 2017 at 11:49:03AM -0700, Kevin J. McCarthy wrote: > > On Tue, Apr 18, 2017 at 07:10:43PM +0200, Francesco Ariis wrote: > > > 5. Now it seems I am stuck in the select key menu, and I have > > >no idea how to exit it without sending the email > > > > You should be able to hit ctrl-g to get out of that prompt and back to > > the compose screen. > > C-g doesn't bring me out of that prompt (mutt 1.5.23), urxvt. Is > it a bound function or just a 'generic' key combination? Sorry, I may have misunderstood. If you're in the select key menu, showing a list of matching keys, you can hit 'q' to exit the menu. It should then display a prompt: "Enter keyID for xxx: ". You should then be able to hit ctrl-g at that prompt and it will bring you back to the compose menu. C-g is a 'generic' abort key for prompts. I don't think 1.5.23 was different with this behavior, but it has been a while since I used that version. :-) -- Kevin J. McCarthy GPG Fingerprint: 8975 A9B3 3AA3 7910 385C 5308 ADEF 7684 8031 6BDA signature.asc Description: PGP signature
Re: Minor annoyance with mutt, crypt_replyencrypt and PGP
Hello Kevin, On Tue, Apr 18, 2017 at 11:49:03AM -0700, Kevin J. McCarthy wrote: > On Tue, Apr 18, 2017 at 07:10:43PM +0200, Francesco Ariis wrote: > > 5. Now it seems I am stuck in the select key menu, and I have > >no idea how to exit it without sending the email > > You should be able to hit ctrl-g to get out of that prompt and back to > the compose screen. C-g doesn't bring me out of that prompt (mutt 1.5.23), urxvt. Is it a bound function or just a 'generic' key combination? > > alternatively a way to colour `Security: Encrypt (PGP/MIME)` red or > > something? > > Not currently, but this was suggested in > https://dev.mutt.org/trac/ticket/3915 and I'll be looking into it for a > future release. Glad to know, thanks!
Re: Minor annoyance with mutt, crypt_replyencrypt and PGP
On Tue, Apr 18, 2017 at 07:10:43PM +0200, Francesco Ariis wrote: > 5. Now it seems I am stuck in the select key menu, and I have >no idea how to exit it without sending the email You should be able to hit ctrl-g to get out of that prompt and back to the compose screen. > alternatively a way to colour `Security: Encrypt (PGP/MIME)` red or > something? Not currently, but this was suggested in https://dev.mutt.org/trac/ticket/3915 and I'll be looking into it for a future release. -- Kevin J. McCarthy GPG Fingerprint: 8975 A9B3 3AA3 7910 385C 5308 ADEF 7684 8031 6BDA signature.asc Description: PGP signature
Minor annoyance with mutt, crypt_replyencrypt and PGP
Hello list, I have `crypt_replyencrypt` and `crypt_autoencrypt` for some contacts. It works fine, but sometimes I want to send a cleartext email. Again, most of the times I remember to "clear PGP", but other times this happens: 1. I start a message to contact xyz 2. I type in the words and close the editor 3. I miss the `Security: Encrypt (PGP/MIME)` 4. I press 'y' to send the message 5. Now it seems I am stuck in the select key menu, and I have no idea how to exit it without sending the email Is there a way to exit such menu or alternatively a way to colour `Security: Encrypt (PGP/MIME)` red or something? Any other suggestion is welcome! -F
Re: pgp attachment problem
On Mon, Oct 17, 2016 at 11:28:02PM +0200, martin boeder wrote: > Hi, > > I'm using mutt since a long time ago and started to use pgp > now. It works fine for me, except one thing: If I get an > message with an attachment mutt shows me the attachment inline > only. Like this: > > [snip] Hello, I never had any issues with attachments and PGP (or I fixed them a long time ago and don't remember). Could you attach an example mail with the issue as mbox so I could try it with my setup? What is the minimal muttrc for your gpg setup (don't forget /etc/Mutt.d which might affect your settings)? Regards Simon -- + Privatsphäre ist notwendig + Ich verwende GnuPG http://gnupg.org + Öffentlicher Schlüssel: 0x92FEFDB7E44C32F9 signature.asc Description: PGP signature
pgp attachment problem
Hi, I'm using mutt since a long time ago and started to use pgp now. It works fine for me, except one thing: If I get an message with an attachment mutt shows me the attachment inline only. Like this: ... [-- BEGIN PGP MESSAGE --] Content-Type: multipart/mixed; boundary="Ui8oIDq6MW9GU3SUM5K8n8J3PoOTdg4xM"; protected-headers="v1" From: f...@bar.de To: foo-...@bar.de Message-ID: <b6a1af05-6fcb-24ea-bdcc-9381d271c...@bar.de> Subject: Testmail References: <20161016233834.GA10087@host.localdomain> In-Reply-To: <20161016233834.GA10087@host.localdomain> --Ui8oIDq6MW9GU3SUM5K8n8J3PoOTdg4xM Content-Type: multipart/mixed; boundary="3B1EE4EBF561C851E448F340" This is a multi-part message in MIME format. --3B1EE4EBF561C851E448F340 Content-Type: text/plain; charset=iso-8859-15 Content-Transfer-Encoding: quoted-printable Email content text --3B1EE4EBF561C851E448F340 Content-Type: image/jpeg; name="Image.jpg" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="Image.jpg" /9j/4AAQSkZJRgABAQEAYABgAAD//gATQ3JlYXRlZCB3aXRoIEdJTVD/2wBDABYPERMRDhYT EhMZFxYaITckIR4eIUQwMyg3UEZUU09GTUxYY39sWF54X0xNbpZweIOHjpCOVmqcp5uKpn+L jon/2wBDARcZGSEdIUEkJEGJW01biYmJiYmJiYmJiYmJiYmJiYmJiYmJiYmJiYmJiYmJiYmJ iYmJiYmJiYmJiYmJiYmJiYn/wgARCAF6AfMDAREAAhEBAxEB/8QAGQABAAMBAQAA ... Somewhere I'd read mutt could handle that. The FAQ recommends me NOT to use procmail. [1] Unfortunately I can't use a found patch (version conflict). [2] And mailcap-hints doesn't look helpful. [3] I'd spend a lot of hours for searching, but couldn't find anything helpful at least.I'm using mutt version 1.5.24-r2 on a Gentoo box. Or is the problem fixed since 1.6.0? [4] Thanks in advance, Martin [1] https://dev.mutt.org/trac/wiki/MuttFaq/Encryption [2] https://dev.mutt.org/trac/changeset/21a08f9abc80d7ea0b3dc0a9f8fa2013c7446f5a[https://dev.mutt.org/trac/changeset/21a08f9abc80d7ea0b3dc0a9f8fa2013c7446f5a] [3] https://github.com/cbracken/mutt/blob/master/.mutt/mailcap[https://github.com/cbracken/mutt/blob/master/.mutt/mailcap] https://www.spinnaker.de/mutt/mailcap [4] http://www.mutt.org/doc/UPDATING[http://www.mutt.org/doc/UPDATING]
Re: New thread about PGP sigs, part 1: Mutt disagrees with gpg
On Thu, Sep 22, 2016, Ian Zimmerman wrote: > muttgpg > http://marc.info/?l=mutt-users=147417425713497=rawBAD GOOD Verifies fine for me (in mutt). Now the question is: is it "just" your setup, or does it fail for others too? If so, what is common between the setups where the verification fails?
Clash between macro for saving & msg-hook for checking traditional pgp
I have the following macro in my .muttrc macro index hy ":set confirmappend=no delete=yes auto_tag=yes\n=main/stuff\n:set confirmappend=yes delete=ask-yes\n" and I also have message-hook '!(~g|~G) ~b"^-BEGIN\ PGP\ (SIGNED\ )?MESSAGE"' "exec check-traditional-pgp" To deal with old-style inline encrypted emails. When I try to save an inline encrypted email using the above macro something weird happens: It opens vim in "compose mail-mode" and wants to forward the mail I'm trying to save To: irmappend=yes@computername,delete=ask-yes@computername When I exit vim I end up in compose mode editing the cc header to "heck-traditional-pgp>" I have no idea what is going on here but I guess there is some kind of clash between the message hook and the macro. Is there anyway I can get them to work nicely together? Regards -- Jonas Hedman XMPP:n...@jabber.at PGP Key: 0x5c3989e0616bb08c Fingerprint: 8F72 C5BE AAFA B4BA 8F46 9185 5C39 89E0 616B B08C signature.asc Description: Digital signature
Re: understanding PGP encrypt to myself
Hi Rejo and David, On Sun, Nov 15, 2015 at 12:12:51PM -0600, David Champion wrote: > * On 15 Nov 2015, Rejo Zenger wrote: > > > > As I understand it: your message is encrypted to a session key, and that > > session key is encrypted with your and the recipients' key. That way, > > the message may have a large number of recipients, but doesn't increase > > in size as much. > > This is correct. PGP encryption generates a random symmetric key of > a large size -- essentially a really long password. It encrypts the > original message using that "session key". The session key is included > in the PGP output alongside the encrypted message, but it's encrypted > once for each recipient. This gives huge space savings in the final > message, compared to encrypting the message once per recipient. > > When you decrypt, PGP finds the list of encryptions of the symmetric key > and searches for the one encrypted with your public key. It decrypts > that to get the session key, then uses the session key to decrypt the > original message. > > There are two ways to store that list of session key crypts. The > default is like a dictionary -- each ciphertext is indexed with the > key ID that encrypted it. When PGP decrypts this, it can quickly zip > right to the correct session ciphertext. The other way stores these > ciphertexts anonymously -- not indexed by key ID. This is more secure, > but slower because PGP must try each one in turn to find the correct > ciphertext. It's not a problem for a few recipients though -- it's > really only a performance problem with many separate recipients. Thanks for this incredibly clear explanation. And Xu, thanks for asking the question. Cheers, -- Suvayu Open source is the future. It sets us free.
Re: understanding PGP encrypt to myself
On Monday 16 Nov 2015 12:05:24 Suvayu Ali wrote: > Hi Rejo and David, > > On Sun, Nov 15, 2015 at 12:12:51PM -0600, David Champion wrote: > > * On 15 Nov 2015, Rejo Zenger wrote: > > > As I understand it: your message is encrypted to a session key, and > > > that session key is encrypted with your and the recipients' key. That > > > way, the message may have a large number of recipients, but doesn't > > > increase in size as much. > > > > This is correct. PGP encryption generates a random symmetric key of > > a large size -- essentially a really long password. It encrypts the > > original message using that "session key". The session key is included > > in the PGP output alongside the encrypted message, but it's encrypted > > once for each recipient. This gives huge space savings in the final > > message, compared to encrypting the message once per recipient. > > > > When you decrypt, PGP finds the list of encryptions of the symmetric key > > and searches for the one encrypted with your public key. It decrypts > > that to get the session key, then uses the session key to decrypt the > > original message. > > > > There are two ways to store that list of session key crypts. The > > default is like a dictionary -- each ciphertext is indexed with the > > key ID that encrypted it. When PGP decrypts this, it can quickly zip > > right to the correct session ciphertext. The other way stores these > > ciphertexts anonymously -- not indexed by key ID. This is more secure, > > but slower because PGP must try each one in turn to find the correct > > ciphertext. It's not a problem for a few recipients though -- it's > > really only a performance problem with many separate recipients. > > Thanks for this incredibly clear explanation. And Xu, thanks for asking > the question. > > Cheers, To see the two signatures you can run this command at the encrypted message: gpg --batch --list-packets -- Regards, Mick signature.asc Description: This is a digitally signed message part.
Re: understanding PGP encrypt to myself
++ 14/11/15 22:47 -0500 - Xu Wang: >> >> A copy of the message will also be encrypted by your own public key and saved >> in the folder you have specified for Sent messages. It is this copy which >> you >> can decrypt with your private key later on, if you wish to read what you sent >> to the recipient. [...] >I see. So it is one email, but there is never actual double encryption >on the same text. It is two single encryptions. I think I am >understanding more. As I understand it: your message is encrypted to a session key, and that session key is encrypted with your and the recipients' key. That way, the message may have a large number of recipients, but doesn't increase in size as much. -- Rejo Zenger E r...@zenger.nl | P +31(0)639642738 | W https://rejo.zenger.nl T @rejozenger | J r...@zenger.nl OpenPGP 1FBF 7B37 6537 68B1 2532 A4CB 0994 0946 21DB EFD4 XMPP OTR 271A 9186 AFBC 8124 18CF 4BE2 E000 E708 F811 5ACF Signal0507 A41B F4D6 5DB4 937D E8A1 29B6 AAA6 524F B68B 93D4 4C6E 8BAB 7C9E 17C9 FB28 03 signature.asc Description: PGP signature
Re: understanding PGP encrypt to myself
Thank you for that in depth explanation - this is something I wasn't aware of, and it's good to know! On Sun, 15 Nov 2015, David Champion wrote: > * On 15 Nov 2015, Rejo Zenger wrote: > > ++ 14/11/15 22:47 -0500 - Xu Wang: > > >> > > >> A copy of the message will also be encrypted by your own public key and > > >> saved > > >> in the folder you have specified for Sent messages. It is this copy > > >> which you > > >> can decrypt with your private key later on, if you wish to read what you > > >> sent > > >> to the recipient. > > [...] > > >I see. So it is one email, but there is never actual double encryption > > >on the same text. It is two single encryptions. I think I am > > >understanding more. > > > > As I understand it: your message is encrypted to a session key, and that > > session key is encrypted with your and the recipients' key. That way, > > the message may have a large number of recipients, but doesn't increase > > in size as much. > > This is correct. PGP encryption generates a random symmetric key of > a large size -- essentially a really long password. It encrypts the > original message using that "session key". The session key is included > in the PGP output alongside the encrypted message, but it's encrypted > once for each recipient. This gives huge space savings in the final > message, compared to encrypting the message once per recipient. > > When you decrypt, PGP finds the list of encryptions of the symmetric key > and searches for the one encrypted with your public key. It decrypts > that to get the session key, then uses the session key to decrypt the > original message. > > There are two ways to store that list of session key crypts. The > default is like a dictionary -- each ciphertext is indexed with the > key ID that encrypted it. When PGP decrypts this, it can quickly zip > right to the correct session ciphertext. The other way stores these > ciphertexts anonymously -- not indexed by key ID. This is more secure, > but slower because PGP must try each one in turn to find the correct > ciphertext. It's not a problem for a few recipients though -- it's > really only a performance problem with many separate recipients. > > -- > David Champion • d...@bikeshed.us
Re: understanding PGP encrypt to myself
On Sun, Nov 15, 2015 at 1:12 PM, David Champion <d...@bikeshed.us> wrote: > * On 15 Nov 2015, Rejo Zenger wrote: >> ++ 14/11/15 22:47 -0500 - Xu Wang: >> >> >> >> A copy of the message will also be encrypted by your own public key and >> >> saved >> >> in the folder you have specified for Sent messages. It is this copy >> >> which you >> >> can decrypt with your private key later on, if you wish to read what you >> >> sent >> >> to the recipient. >> [...] >> >I see. So it is one email, but there is never actual double encryption >> >on the same text. It is two single encryptions. I think I am >> >understanding more. >> >> As I understand it: your message is encrypted to a session key, and that >> session key is encrypted with your and the recipients' key. That way, >> the message may have a large number of recipients, but doesn't increase >> in size as much. > > This is correct. PGP encryption generates a random symmetric key of > a large size -- essentially a really long password. It encrypts the > original message using that "session key". The session key is included > in the PGP output alongside the encrypted message, but it's encrypted > once for each recipient. This gives huge space savings in the final > message, compared to encrypting the message once per recipient. > > When you decrypt, PGP finds the list of encryptions of the symmetric key > and searches for the one encrypted with your public key. It decrypts > that to get the session key, then uses the session key to decrypt the > original message. > > There are two ways to store that list of session key crypts. The > default is like a dictionary -- each ciphertext is indexed with the > key ID that encrypted it. When PGP decrypts this, it can quickly zip > right to the correct session ciphertext. The other way stores these > ciphertexts anonymously -- not indexed by key ID. This is more secure, > but slower because PGP must try each one in turn to find the correct > ciphertext. It's not a problem for a few recipients though -- it's > really only a performance problem with many separate recipients. > > -- > David Champion • d...@bikeshed.us ahhh. Now I get it! Thanks for such a detailed and clearatory explantion. I am surprised that I actually understand it. But it makes perfect sense. Kind regards to each, Xu
Re: understanding PGP encrypt to myself
> I see. So it is one email, but there is never actual double encryption > on the same text. It is two single encryptions. I think I am > understanding more. It is one email which is encrypted only _once_, but against a set of puclic keys which get referenced in the cipher text. So it is also possible to have more pgp recipients than two. Obviously, the de- and encryption algorithm is designed to support this. But keep in mind, as more public keys are used the attack vector gets broader. Certainly you can read how the crypto works (prime numbers) online or try to ask on the pgp mailing lists for more detail. -- Bastian
Re: understanding PGP encrypt to myself
* On 15 Nov 2015, Rejo Zenger wrote: > ++ 14/11/15 22:47 -0500 - Xu Wang: > >> > >> A copy of the message will also be encrypted by your own public key and > >> saved > >> in the folder you have specified for Sent messages. It is this copy which > >> you > >> can decrypt with your private key later on, if you wish to read what you > >> sent > >> to the recipient. > [...] > >I see. So it is one email, but there is never actual double encryption > >on the same text. It is two single encryptions. I think I am > >understanding more. > > As I understand it: your message is encrypted to a session key, and that > session key is encrypted with your and the recipients' key. That way, > the message may have a large number of recipients, but doesn't increase > in size as much. This is correct. PGP encryption generates a random symmetric key of a large size -- essentially a really long password. It encrypts the original message using that "session key". The session key is included in the PGP output alongside the encrypted message, but it's encrypted once for each recipient. This gives huge space savings in the final message, compared to encrypting the message once per recipient. When you decrypt, PGP finds the list of encryptions of the symmetric key and searches for the one encrypted with your public key. It decrypts that to get the session key, then uses the session key to decrypt the original message. There are two ways to store that list of session key crypts. The default is like a dictionary -- each ciphertext is indexed with the key ID that encrypted it. When PGP decrypts this, it can quickly zip right to the correct session ciphertext. The other way stores these ciphertexts anonymously -- not indexed by key ID. This is more secure, but slower because PGP must try each one in turn to find the correct ciphertext. It's not a problem for a few recipients though -- it's really only a performance problem with many separate recipients. -- David Champion • d...@bikeshed.us signature.asc Description: PGP signature
Re: understanding PGP encrypt to myself
On Sat, Nov 14, 2015 at 6:41 PM, Mick <michaelkintz...@gmail.com> wrote: > On Saturday 14 Nov 2015 22:58:18 kytv wrote: >> On Sat, Nov 14, 2015 at 05:45:47PM -0500, Xu Wang wrote: >> > Hi, >> > >> > I am learning more about PGP encryption with mutt, and am following this >> > guide: http://dev.mutt.org/trac/wiki/MuttGuide/UseGPG >> > >> > There is a part which discusses about "also encrypt the message using >> > the author's public key". This is very useful because now I can >> > decrypt the message that I send (in case I want to see what I sent). I >> > would like to understand more what happens. >> > >> > When I encrypt with public key of recipient *and* with my public key, >> > is this to mean that I send two separate messages, one encrypted with >> > recipient public key and a separate one with my public key? Or it is >> > possible to send *one* message that both the recipient and me are >> > capable of decrypting. I am trying to understand how this magic works. >> >> The latter. You'll create one email which both you and the recipient >> will be able to decrypt. > > You send 1 email, which is encrypted with the recipients public key. Only the > recipient can decrypt this message with their private key. > > A copy of the message will also be encrypted by your own public key and saved > in the folder you have specified for Sent messages. It is this copy which you > can decrypt with your private key later on, if you wish to read what you sent > to the recipient. > > -- > Regards, > Mick I see. So it is one email, but there is never actual double encryption on the same text. It is two single encryptions. I think I am understanding more. Thank you. Kind regards, Xu
understanding PGP encrypt to myself
Hi, I am learning more about PGP encryption with mutt, and am following this guide: http://dev.mutt.org/trac/wiki/MuttGuide/UseGPG There is a part which discusses about "also encrypt the message using the author's public key". This is very useful because now I can decrypt the message that I send (in case I want to see what I sent). I would like to understand more what happens. When I encrypt with public key of recipient *and* with my public key, is this to mean that I send two separate messages, one encrypted with recipient public key and a separate one with my public key? Or it is possible to send *one* message that both the recipient and me are capable of decrypting. I am trying to understand how this magic works. Kind regards, Xu
Re: understanding PGP encrypt to myself
On Sat, Nov 14, 2015 at 05:45:47PM -0500, Xu Wang wrote: > Hi, > > I am learning more about PGP encryption with mutt, and am following this > guide: > http://dev.mutt.org/trac/wiki/MuttGuide/UseGPG > > There is a part which discusses about "also encrypt the message using > the author's public key". This is very useful because now I can > decrypt the message that I send (in case I want to see what I sent). I > would like to understand more what happens. > > When I encrypt with public key of recipient *and* with my public key, > is this to mean that I send two separate messages, one encrypted with > recipient public key and a separate one with my public key? Or it is > possible to send *one* message that both the recipient and me are > capable of decrypting. I am trying to understand how this magic works. The latter. You'll create one email which both you and the recipient will be able to decrypt. signature.asc Description: PGP signature
Re: understanding PGP encrypt to myself
On 15-11-14 17:45:47, Xu Wang wrote: > Hi, > > I am learning more about PGP encryption with mutt, and am following this > guide: > http://dev.mutt.org/trac/wiki/MuttGuide/UseGPG > > There is a part which discusses about "also encrypt the message using > the author's public key". This is very useful because now I can > decrypt the message that I send (in case I want to see what I sent). I > would like to understand more what happens. > > When I encrypt with public key of recipient *and* with my public key, > is this to mean that I send two separate messages, one encrypted with > recipient public key and a separate one with my public key? Or it is > possible to send *one* message that both the recipient and me are > capable of decrypting. I am trying to understand how this magic works. > > Kind regards, > > Xu You just send one message. If you have a Sent-dir then you can decrypt it yourself at a later date, if you don't do this can decrypt it afterwards. It's pretty handy at times. Basically, the encrypted messages gets two recipients and can be decrypted by two private keys, yours and the person you sent the email to. -- Jonas Hedman XMPP:n...@jabber.at PGP Key: 0x5c3989e0616bb08c Fingerprint: 8F72 C5BE AAFA B4BA 8F46 9185 5C39 89E0 616B B08C signature.asc Description: Digital signature
Re: understanding PGP encrypt to myself
On Sat, Nov 14, 2015 at 5:58 PM, jonas hedman <jonas.hed...@fripost.org> wrote: > On 15-11-14 17:45:47, Xu Wang wrote: >> Hi, >> >> I am learning more about PGP encryption with mutt, and am following this >> guide: >> http://dev.mutt.org/trac/wiki/MuttGuide/UseGPG >> >> There is a part which discusses about "also encrypt the message using >> the author's public key". This is very useful because now I can >> decrypt the message that I send (in case I want to see what I sent). I >> would like to understand more what happens. >> >> When I encrypt with public key of recipient *and* with my public key, >> is this to mean that I send two separate messages, one encrypted with >> recipient public key and a separate one with my public key? Or it is >> possible to send *one* message that both the recipient and me are >> capable of decrypting. I am trying to understand how this magic works. >> >> Kind regards, >> >> Xu > > > You just send one message. If you have a Sent-dir then you can > decrypt it yourself at a later date, if you don't do this can decrypt it > afterwards. It's pretty handy at times. > > Basically, the encrypted messages gets two recipients and can be > decrypted by two private keys, yours and the person you sent the email > to. Is this possible with all kinds of encryption? To me it is amazing that two different private keys can be used to decrypt the same message. Is there logic to explain why this works that is not specific to a particular algorithm? Kind regards, Xu
Re: understanding PGP encrypt to myself
On Saturday 14 Nov 2015 22:58:18 kytv wrote: > On Sat, Nov 14, 2015 at 05:45:47PM -0500, Xu Wang wrote: > > Hi, > > > > I am learning more about PGP encryption with mutt, and am following this > > guide: http://dev.mutt.org/trac/wiki/MuttGuide/UseGPG > > > > There is a part which discusses about "also encrypt the message using > > the author's public key". This is very useful because now I can > > decrypt the message that I send (in case I want to see what I sent). I > > would like to understand more what happens. > > > > When I encrypt with public key of recipient *and* with my public key, > > is this to mean that I send two separate messages, one encrypted with > > recipient public key and a separate one with my public key? Or it is > > possible to send *one* message that both the recipient and me are > > capable of decrypting. I am trying to understand how this magic works. > > The latter. You'll create one email which both you and the recipient > will be able to decrypt. You send 1 email, which is encrypted with the recipients public key. Only the recipient can decrypt this message with their private key. A copy of the message will also be encrypted by your own public key and saved in the folder you have specified for Sent messages. It is this copy which you can decrypt with your private key later on, if you wish to read what you sent to the recipient. -- Regards, Mick signature.asc Description: This is a digitally signed message part.
Re: Trouble with decryption of certain emails using GPG + Mutt application/pgp-encrypted is unsupported
A small update on the matter. John was kind enough the send me a encrypted test email from the iphone app and it worked perfectly. I could verify signatures and and decrypt it properly from within mutt automatically without any trouble. With this in mind I just realized that my friend for weird and unknown reasons uses hotmail. Could that have something to do with it? /jonas signature.asc Description: Digital signature
Trouble with decryption of certain emails using GPG + Mutt application/pgp-encrypted is unsupported
Hello! I'm having some trouble decrypting emails from a friend who is using some kind of Iphone app for PGP. When I get a encrypted email from this person it usually looks like this: Date: Tue, 3 Feb 2015 13:06:17 +0100 From: frend friend@... To: me Subject: something [-- Attachment #1 --] [-- Type: text/plain, Encoding: 7bit, Size: 0.1K --] [-- Attachment #2: encrypted.asc --] [-- Type: application/pgp-encrypted, Encoding: 7bit, Size: 2.5K --] [-- application/pgp-encrypted is unsupported (use 'v' to view this part) --] [-- Attachment #3 --] [-- Type: text/plain, Encoding: 7bit, Size: 0.1K --] Where, [-- Attachment #1 --] always is a empty plain textfile. [-- Attachment #2: encrypted.asc --] is the encrypted message [-- Attachment #3 --] is either empty or contains non-cryptographic signature plaintext. i.e kindly regards /friend I want mutt to automagically recognize encrypted.asc and do its normal buisniess. I have no problems with signatures, inline encrypted emails or emails with empty bodies with just one attached encrypted.asc but when I get emails formated this way it doesn't work for some reason. I can save encrypted.asc and decrypt it manually from commandline so there seems to be nothing wrong with the encryption. I would really appreciate if someone could help me out and make this work. Here is my config related to gpg: In mutt.rc: source ~/.gpg.rc set pgp_use_gpg_agent = yes set pgp_sign_as = ... set pgp_timeout = 3600 set crypt_autosign = yes set crypt_replyencrypt = yes set pgp_decode_command=gpg %?p?--passphrase-fd 0? --no-verbose --batch --output - %f set pgp_verify_command=gpg --no-verbose --batch --output - --verify %s %f set pgp_decrypt_command=gpg --passphrase-fd 0 --no-verbose --batch --output - %f set pgp_sign_command=gpg --no-verbose --batch --output - --passphrase-fd 0 --armor --detach-sign \ --textmode %?a?-u %a? %f set pgp_clearsign_command=gpg --no-verbose --batch --output - --passphrase-fd 0 --armor \ --textmode --clearsign %?a?-u %a? %f set pgp_encrypt_only_command=/usr/lib/mutt/pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt \ --textmode --armor --always-trust --encrypt-to ... -- -r %r -- %f set pgp_encrypt_sign_command=/usr/lib/mutt/pgpewrap gpg --passphrase-fd 0 --batch --quiet --no-verbose \ --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust --encrypt-to ky -- -r %r -- %f set pgp_import_command=gpg --no-verbose --import -v %f set pgp_export_command=gpg --no-verbose --export --armor %r set pgp_verify_key_command=gpg --no-verbose --batch --fingerprint --check-sigs %r set pgp_list_pubring_command=gpg --no-verbose --batch --with-colons --list-keys %r set pgp_list_secring_command=gpg --no-verbose --batch --with-colons --list-secret-keys %r set pgp_good_sign=^gpg: Good signature from And my .gpg.rc # GnuPG configuration set pgp_decode_command=gpg --status-fd=2 %?p?--passphrase-fd 0? --no-verbose --quiet --batch --output - %f set pgp_verify_command=gpg --status-fd=2 --no-verbose --quiet --batch --output - --verify %s %f set pgp_decrypt_command=gpg --status-fd=2 %?p?--passphrase-fd 0? --no-verbose --quiet --batch --output - %f set pgp_sign_command=gpg --no-verbose --batch --quiet --output - %?p?--passphrase-fd 0? --armor --detach-sign --textmode %?a?-u %a? %f set pgp_clearsign_command=gpg --no-verbose --batch --quiet --output - %?p?--passphrase-fd 0? --armor --textmode --clearsign %?a?-u %a? %f set pgp_encrypt_only_command=/usr/lib/mutt/pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust -- -r %r -- %f set pgp_encrypt_sign_command=/usr/lib/mutt/pgpewrap gpg %?p?--passphrase-fd 0? --batch --quiet --no-verbose --textmode --output %- --encrypt --sign %?a?-u %a? --armor --always-trust -- -r %r -- %f set pgp_import_command=gpg --no-verbose --import %f set pgp_export_command=gpg --no-verbose --export --armor %r set pgp_verify_key_command=gpg --verbose --batch --fingerprint --check-sigs %r set pgp_list_pubring_command=gpg --no-verbose --batch --quiet --with-colons --list-keys %r set pgp_list_secring_command=gpg --no-verbose --batch --quiet --with-colons --list-secret-keys %r set pgp_good_sign=^\\[GNUPG:\\] GOODSIG My version of mutt is 1.5.23 and gpg is 1.4.18 Thanks and sorry for a lenghty post. /Jonas signature.asc Description: Digital signature
Can't attach ascii armored pgp key
Dear mutt mailing list Earlier today I had an interesting problem: Whenever I tried to send a mail with an ascii armored pgp key attached mutt only attached a small file containing: Version: 1 I did check that the file I was trying to attach actually contained more (they were respectively 3.5 kb and 6.6 kb). I'm using msmtp to send the mail. Am I doing something obviously wrong or is this a bug in mutt? Best regards, Adam pgp108OKCxGXk.pgp Description: PGP signature
mutt/PGP works interactively but not on command line, what's going wrong?
Dear all, I am obviously doing something wrong but can't find out what... I configured mutt to PGP-sign/encrypt (~/.muttrc and ~/.gpg.rc). When sending out an email interactively, everything works fine: emails get signed and encrypted by mutt. But if I am sending a mail via the command line, mutt doesn't bother about PGP at all: The email is sent out, but without any PGP. Does anybody know what's going wrong? I am using Mutt 1.5.21 on Ubuntu 14.04 LTS (64bit). Command line: $ echo Body Text | mutt -s Subject Text -F /home/me/.muttrc -d 5 recei...@my-domain.de .muttrc: $ cat .muttrc set from = sen...@my-domain.de set realname = Sender set smtp_url = smtp://sen...@my-domain.de@smtp.my-domain.de:25/ set smtp_pass = set smtp_authenticators = plain:cram-md5 set ssl_force_tls = no set ssl_starttls = no source /home/me/.gpg.rc set pgp_use_gpg_agent=yes set pgp_autosign=yes set pgp_autoencrypt=yes set pgp_auto_decode=yes set pgp_replysign=yes set pgp_replysignencrypted=yes set pgp_replyencrypt=yes set pgp_verify_sig=yes set pgp_sign_as=F5216DFA set pgp_timeout=3600 set crypt_autosign set crypt_replyencrypt set crypt_replysign set crypt_autoencrypt=yes set crypt_replyencrypt=yes set crypt_replysignencrypted=yes set crypt_verify_sig=yes Debug output: $ cat .muttdebug0 [2015-01-06 11:38:41] Mutt/1.5.21 (2010-09-15) debugging at level 5 [2015-01-06 11:38:41] Reading configuration file '/etc/Muttrc'. [2015-01-06 11:38:41] parse_attach_list: ldata = 0x6ddbe8, *ldata = (nil) [2015-01-06 11:38:41] parse_attach_list: added */.* [9] [2015-01-06 11:38:41] parse_attach_list: ldata = 0x6ddbe0, *ldata = (nil) [2015-01-06 11:38:41] parse_attach_list: added text/x-vcard [7] [2015-01-06 11:38:41] parse_attach_list: added application/pgp.* [2] [2015-01-06 11:38:41] parse_attach_list: ldata = 0x6ddbe0, *ldata = 0x1e5e400 [2015-01-06 11:38:41] parse_attach_list: skipping text/x-vcard [2015-01-06 11:38:41] parse_attach_list: skipping application/pgp.* [2015-01-06 11:38:41] parse_attach_list: added application/x-pkcs7-.* [2] [2015-01-06 11:38:41] parse_attach_list: ldata = 0x6ddbd8, *ldata = (nil) [2015-01-06 11:38:41] parse_attach_list: added text/plain [7] [2015-01-06 11:38:41] parse_attach_list: ldata = 0x6ddbe0, *ldata = 0x1e5e400 [2015-01-06 11:38:41] parse_attach_list: skipping text/x-vcard [2015-01-06 11:38:41] parse_attach_list: skipping application/pgp.* [2015-01-06 11:38:41] parse_attach_list: skipping application/x-pkcs7-.* [2015-01-06 11:38:41] parse_attach_list: added message/external-body [4] [2015-01-06 11:38:41] parse_attach_list: ldata = 0x6ddbd0, *ldata = (nil) [2015-01-06 11:38:41] parse_attach_list: added message/external-body [4] [2015-01-06 11:38:41] Reading configuration file '/usr/lib/mutt/source-muttrc.d|'. [2015-01-06 11:38:41] Reading configuration file '/etc/Muttrc.d/charset.rc'. [2015-01-06 11:38:41] Reading configuration file '/etc/Muttrc.d/colors.rc'. [2015-01-06 11:38:41] Reading configuration file '/etc/Muttrc.d/compressed-folders.rc'. [2015-01-06 11:38:41] Reading configuration file '/etc/Muttrc.d/gpg.rc'. [2015-01-06 11:38:41] Reading configuration file '/etc/Muttrc.d/smime.rc'. [2015-01-06 11:38:41] Reading configuration file '/home/me/.muttrc'. [2015-01-06 11:38:41] Reading configuration file '/home/me/.gpg.rc'. [2015-01-06 11:38:41] ../send.c:1214: mutt_mktemp returns /tmp/mutt-my-machine-1001-5138-18437527211071003667. [2015-01-06 11:38:41] ../sendlib.c:2696: mutt_mktemp returns /tmp/mutt-my-machine-1001-5138-287496981775757253. [2015-01-06 11:38:41] mwoh: buf[Subject: Subject Text] is short enough [2015-01-06 11:38:41] ../send.c:988: mutt_mktemp returns /tmp/mutt-my-machine-1001-5138-959755060790486839. [2015-01-06 11:38:41] mwoh: buf[Subject: Subject Text] is short enough [2015-01-06 11:38:41] Connected to smtp.my-domain.de:25 on fd=4 [2015-01-06 11:38:41] 4 220 my-mailserver.de ESMTP Postfix (cust) [2015-01-06 11:38:41] 4 EHLO my-machine [2015-01-06 11:38:41] 4 250-my-mailserver.de [2015-01-06 11:38:41] 4 250-PIPELINING [2015-01-06 11:38:41] 4 250-SIZE 5120 [2015-01-06 11:38:41] 4 250-AUTH LOGIN PLAIN CRAM-MD5 [2015-01-06 11:38:41] 4 250-AUTH=LOGIN PLAIN CRAM-MD5 [2015-01-06 11:38:41] 4 250-ENHANCEDSTATUSCODES [2015-01-06 11:38:41] 4 250 8BITMIME [2015-01-06 11:38:41] smtp_authenticate: Trying method plain [2015-01-06 11:38:41] SASL local ip: my.ip.add.ress;59604, remote ip:the.ip.add.ress;25 [2015-01-06 11:38:41] External authentication name: sen...@my-domain.de [2015-01-06 11:38:41] mutt_sasl_cb_authname: getting authname for smtp.my-domain.de:25 [2015-01-06 11:38:41] mutt_sasl_cb_authname: getting user for smtp.my-domain.de:25 [2015-01-06 11:38:41] mutt_sasl_cb_pass: getting password for sen...@my-domain.de@smtp.my-domain.de:25 [2015-01-06 11:38:41] 4 AUTH PLAIN x= [2015-01-06 11:38:41] 4 235 2.7.0 Authentication successful [2015-01-06 11:38:41] SASL protection strength
Re: Honor X-Mutt-PGP with resend-message
Hello everyone, On Sun, Jul 27, 2014 at 09:48:08PM +0200, Antoine Amarilli wrote: The short version of my question is: Is there a way for the resend-message command to honor PGP signature/encryption settings stored in the target message in the X-Mutt-PGP header? The reason why I ask: I want to have postponed messages appear in my inbox, and be able to recall them by selecting them in the index view and hitting the 'R' key. For reference, I managed to make this work, by switching to a different hack which uses recall-message rather than resend-message, but saves the message to recall in a temporary mailbox first. Mere is my configuration: # save postponed mail in the inbox set postponed==inbox # ugly hack to resume the currently highlighted mail # may fail messily if you do not create =draft_tmp first macro index,pager R \ enter-commandset postponed='=draft_tmp' my_old_maildir_trash=\$maildir_trash nomaildir_trashenter\ s=draft_tmpenterrecall-messageenter-commandset postponed='=inbox' maildir_trash=\$my_old_maildir_trashenter \ recall current message # unmodified drafts should be saved back to the inbox, not discarded set noabort_unmodified It seems to work for my purposes. Best, -- Antoine Amarilli signature.asc Description: Digital signature
Honor X-Mutt-PGP with resend-message
Hello everyone, I'm new to this list, I hope that this is the right kind of questions and the right place where to ask them. The short version of my question is: Is there a way for the resend-message command to honor PGP signature/encryption settings stored in the target message in the X-Mutt-PGP header? The reason why I ask: I want to have postponed messages appear in my inbox, and be able to recall them by selecting them in the index view and hitting the 'R' key. I accordingly set postponed=inbox, but then the recall-message commands insists on opening its own prompt to select the message to recall (in other words, I found no way to recall the selected message in the index). I accordingly use the resend-message command (following the manual's description of it as recall from arbitrary folders), but then this command ignores the encryption settings for the postponed message (and chooses to have no encryption/signature instead). Indeed, postponing the message stores a message without encryption or signature, and merely indiates in a X-Mutt-PGP header what the message setting was, and resend-messages looks at the message itself to decide whether to sign or encrypt, rather than using this header. Hence the question above; but maybe my way to use =inbox as the postponed folder is not the right way to obtain the behavior I want. Thanks in advance for any advice! Regards, -- Antoine Amarilli signature.asc Description: Digital signature
Re: Automate the decryption of inline pgp messages.
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sat, Jul 19, 2014 at 01:00:37PM -0700, Bob Holtzman wrote: Compose a mesg, hit : wq then hit p and see the options. Or have you already done that? Yeah, perfect. I've done it so far, because I'm using vim as mail editor. I didn't notice that there's inline format there. I was too focused with sign, encrypt, and both. Thanks. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (GNU/Linux) iQIcBAEBAgAGBQJTy6rGAAoJEOyCOarSHYdh1O4P/iF6Cr0sk878DBDgYntqLwbH C4sJHzHUizz2PVp/zVqUlTLSTMA1kxQQyxC2ArDyeS/FsaqvZHsd512LZ2SkGZO/ yhGxO+bRHri19tMpELZGGHdBoNHNpzuf0TP1zSWqiIlLPzuf9W3EbNnFwsUvjChJ tHmB8iS8bg9wi3h5oisOCqWLa8IM3HmUirSX/M+gIAqGE+ge8Nq103B0DifPsCGe ZzXHby/ygWRw9dkWSVDFbb41utbt2BaX4k9m/VCnS0/Uw63kvr1PKG18/ZVwAQKW nheWlNCpjpvSJCv4t7IPxeR/z7flRdaYn+qp6facPJftOPeH/WWZwATUm2lMDJN8 MUhiDjiyD5hYTby8NbM0dQXM5fU62/KI4oWNNu66qN84TLvMRBUKFWRWngx7HQ2j vc1edoy/2lYgrj9REvfIg4Tq7EVtDjJNd+WquUNXLKSoOXWvJF2jfBlqg5X7VyL5 AMEOr+j2+IpnI2j6FFFDlOg7SCAqjPyG36aQPyTcLyR4uqd7eTkglT45Mq0u62Mt kNlVPzr1L1qFLJ6LPetGw96XqmG75ONSzsOgCU7rNWyb93bqjFqP5Lg0JR9ZgRWF N4HYHtlvvv9dxjqyhf7Qo6osZUNU/QE8zycJrDLkkMzG8zupUPy0QY98//QcYl9t 85ghFzMdCtKVvzbVP6yt =nZdW -END PGP SIGNATURE-
Re: Automate the decryption of inline pgp messages.
On Sat, Jul 19, 2014 at 01:45:19AM +0200, Mathias Bauer wrote: Hello, * The Fuzzy Whirlpool Thunderstorm wrote on Fri, 18 Jul 2014, at 20:04 (+0200): Is there any convenient way to automatically decrypt inline pgp messages? Piping the text attachment to `gpg --decrypt` works, but I need a simpler way to do the task. if you use procmail, you could apply the following recipes to handle inline PGP messages at least a little bit easier. But of course, you can't catch all curiosities automatically that some MUA may produce. So, finally, Derek's solutions may fit better. :0 * ! ^Content-Type:[ \t]+message/ * ! ^Content-Type:[ \t]+multipart/ * ! ^Content-Type:[ \t]+application/pgp { :0 f w * B ?? ^-BEGIN PGP MESSAGE- * B ?? ^-END PGP MESSAGE- |formail -b -f -i 'Content-Type: application/pgp; format=text; x-action=encrypt' :0 f w * B ?? ^-BEGIN PGP SIGNED MESSAGE- * B ?? ^-BEGIN PGP SIGNATURE- * B ?? ^-END PGP SIGNATURE- |formail -b -f -i 'Content-Type: application/pgp; format=text; x-action=sign' } For further details see the Mutt-GnuPG-PGP-HOWTO which is quite old now (Feb 2000) [1]. Please note also, that the current procmail v3.22 has some issues with the B flag [2]. Therefore I suggest using the above modified/extended recipes instead. Although inline pgp is deprecated, many mail user agent such as K9 mail is still using it. In addition to that, is there any way to compose an inline pgp mail using mutt? Isn't coping with incoming inline PGP messages enough? I mean, there is a standard for PGP/MIME, RFC 3156 [3], and it's 13 years old. k9mail seems to still work on supporting it - also for several years now[4]. Perhaps you may consider the other side of inline PGP [5]. Regards, Mathias [1] http://tldp.org/HOWTO/Mutt-GnuPG-PGP-HOWTO-8.html [2] http://pm-doc.sourceforge.net/doc/#flags_hb_at_top_of_recipe_warning [3] http://www.ietf.org/rfc/rfc3156.txt [4] https://code.google.com/p/k9mail/issues/detail?id=13#c89 https://code.google.com/p/k9mail/issues/detail?id=5864#c6 [5] https://dkg.fifthhorseman.net/notes/inline-pgp-harmful Yeah, that's sure K9 is a way too late to not folow OpenPGP new RFC. I think the best way is using PGP/MIME format and abandon the legacy inline PGP format. Thanks for detailed answer. pgpFvAnRA6CMw.pgp Description: PGP signature
Re: Automate the decryption of inline pgp messages.
On Sat, Jul 19, 2014 at 01:00:06AM +0200, The Fuzzy Whirlpool Thunderstorm wrote: snip Thanks. The one line configuration works perfectly. The keybinding also works to decrypt inline pgp messages as needed. This is exactly what I want. I also want to ask if there is a convenient way to compose inline pgp messages with mutt. The K9-Mail is still using inline pgp, so that for convenience use, it'll be needed to send an inline message as reply for K9 mail. Is this possible? Compose a mesg, hit : wq then hit p and see the options. Or have you already done that? -- Bob Holtzman A man is a man who will fight with a sword or tackle Mt Everest in snow, but the bravest of all owns a '34 Ford and tries for 6000 in low. signature.asc Description: Digital signature
Automate the decryption of inline pgp messages.
Hi mutt users! Is there any convenient way to automatically decrypt inline pgp messages? Piping the text attachment to `gpg --decrypt` works, but I need a simpler way to do the task. Although inline pgp is deprecated, many mail user agent such as K9 mail is still using it. In addition to that, is there any way to compose an inline pgp mail using mutt? A simple way, because I know manually writing a text and encrypting it using `gpg --encrypt` command works fine to do the task. Thanks. pgpIPJ_GLcqjS.pgp Description: PGP signature
Re: Automate the decryption of inline pgp messages.
On Fri, Jul 18, 2014 at 08:04:52PM +0200, The Fuzzy Whirlpool Thunderstorm wrote: Hi mutt users! Is there any convenient way to automatically decrypt inline pgp messages? set pgp_auto_decode=yes There's also a (mutt built-in) command to manually decode them (thouh less manually than piping them) within mutt (bound to esc-P by default I believe), so piping them was never required, but this does what you want. -- Derek D. Martinhttp://www.pizzashack.org/ GPG Key ID: 0xDFBEAD02 -=-=-=-=- This message is posted from an invalid address. Replying to it will result in undeliverable mail due to spam prevention. Sorry for the inconvenience. pgpw2qfrdlTop.pgp Description: PGP signature
Re: Automate the decryption of inline pgp messages.
Hello, * The Fuzzy Whirlpool Thunderstorm wrote on Fri, 18 Jul 2014, at 20:04 (+0200): Is there any convenient way to automatically decrypt inline pgp messages? Piping the text attachment to `gpg --decrypt` works, but I need a simpler way to do the task. if you use procmail, you could apply the following recipes to handle inline PGP messages at least a little bit easier. But of course, you can't catch all curiosities automatically that some MUA may produce. So, finally, Derek's solutions may fit better. :0 * ! ^Content-Type:[ \t]+message/ * ! ^Content-Type:[ \t]+multipart/ * ! ^Content-Type:[ \t]+application/pgp { :0 f w * B ?? ^-BEGIN PGP MESSAGE- * B ?? ^-END PGP MESSAGE- |formail -b -f -i 'Content-Type: application/pgp; format=text; x-action=encrypt' :0 f w * B ?? ^-BEGIN PGP SIGNED MESSAGE- * B ?? ^-BEGIN PGP SIGNATURE- * B ?? ^-END PGP SIGNATURE- |formail -b -f -i 'Content-Type: application/pgp; format=text; x-action=sign' } For further details see the Mutt-GnuPG-PGP-HOWTO which is quite old now (Feb 2000) [1]. Please note also, that the current procmail v3.22 has some issues with the B flag [2]. Therefore I suggest using the above modified/extended recipes instead. Although inline pgp is deprecated, many mail user agent such as K9 mail is still using it. In addition to that, is there any way to compose an inline pgp mail using mutt? Isn't coping with incoming inline PGP messages enough? I mean, there is a standard for PGP/MIME, RFC 3156 [3], and it's 13 years old. k9mail seems to still work on supporting it - also for several years now[4]. Perhaps you may consider the other side of inline PGP [5]. Regards, Mathias [1] http://tldp.org/HOWTO/Mutt-GnuPG-PGP-HOWTO-8.html [2] http://pm-doc.sourceforge.net/doc/#flags_hb_at_top_of_recipe_warning [3] http://www.ietf.org/rfc/rfc3156.txt [4] https://code.google.com/p/k9mail/issues/detail?id=13#c89 https://code.google.com/p/k9mail/issues/detail?id=5864#c6 [5] https://dkg.fifthhorseman.net/notes/inline-pgp-harmful -- CAcert Assurer Do you want to encrypt your mail? Then join CAcert and get your SSL certificate from https://www.CAcert.org. If you have any questions, don't hesitate to ask. OpenPGP: ID 0x44C3983FA7629DE8 - http://www.sks-keyservers.net Fingerprint: B100 5DC4 9686 BE64 87E9 0E22 44C3 983F A762 9DE8 pgpk_gXsmHIv5.pgp Description: PGP signature
Re: Automate the decryption of inline pgp messages.
On Fri, Jul 18, 2014 at 03:11:17PM -0500, Derek Martin wrote: On Fri, Jul 18, 2014 at 08:04:52PM +0200, The Fuzzy Whirlpool Thunderstorm wrote: Hi mutt users! Is there any convenient way to automatically decrypt inline pgp messages? set pgp_auto_decode=yes There's also a (mutt built-in) command to manually decode them (thouh less manually than piping them) within mutt (bound to esc-P by default I believe), so piping them was never required, but this does what you want. Thanks. The one line configuration works perfectly. The keybinding also works to decrypt inline pgp messages as needed. This is exactly what I want. I also want to ask if there is a convenient way to compose inline pgp messages with mutt. The K9-Mail is still using inline pgp, so that for convenience use, it'll be needed to send an inline message as reply for K9 mail. Is this possible? pgpqDptcOwR0w.pgp Description: PGP signature
PGP signing rule-based on recipient(s) address?
Dear Mutt users, I am wondering if anyone has found a way to automatically enable PGP signing for certain recipients only, perhaps through some rule-based scheme? best, Peter
Re: PGP signing rule-based on recipient(s) address?
On Tue, Mar 04, 2014 at 06:28:39PM +0100, Peter P. wrote: I am wondering if anyone has found a way to automatically enable PGP signing for certain recipients only, perhaps through some rule-based scheme? Look at send-hook and crypt-hook, along with $crypt_autoencrypt. Only tricky thing is you might need to do a catchall send-hook (.) to unhook this, and that might cause problems if you also have $crypt_replyencrypt and / or $crypt_replysign set. w
Macro for viewing photos in pgp signature
Hi, I sometimes receive messages with an embedded photo and I wonder how do display it easily from within mutt. On the console the photo can be viewed using gpg --edit-key keyID showphoto quit 1) Has someone maybe already written a macro that does exactly this? 2) If not, how do I extract the keyID from the message which I can feed to gpg? Marco signature.asc Description: Digital signature
Re: Question about PGP and mutt
On Fri, Jan 18, 2013 at 06:04:03PM -0700, s. keeling wrote: Incoming from Chris Bannister: On Thu, Jan 10, 2013 at 11:09:48AM -0700, Robert Holtzman wrote: On Thu, Jan 10, 2013 at 07:33:16AM -0600, Dale A. Raby wrote: set pgp_replyencrypt=yes set pgp_timeout=1800 set pgp_good_sign=^gpg: Good signature from I have none of this in my .muttrc and have pgp capability. P shows the pgp menu. This in mutt 1.5.20-9+squeeze2. root@tal:~# ls -al /etc/Muttrc.d/ total 40 drwxr-xr-x 2 root root 4096 Oct 2 18:56 . drwxr-xr-x 109 root root 12288 Jan 11 18:59 .. I'm surprised you'd put that in /etc/Muttrc.d; it's all world- readable. It doesn't take advantage of today's encrypted $HOME partitions. All of my mutt config is in ~/mutt, including my muttrc. I have a ~/.muttrc symlink that points to it. Why would generic gpg commands being world-readable be an issue? Those files are part of the mutt package on Debian/Ubuntu: $ dpkg-query -S /etc/Muttrc.d/gpg.rc mutt: /etc/Muttrc.d/gpg.rc There's nothing to be gained by reading them. [ Btw, mutt will parse ~/.mutt/muttrc if ~/.muttrc doesn't exist. If you dot-prefix your ~/mutt, then you could axe the need for the symlink. ] -- Brandon Sandrowicz
Re: Question about PGP and mutt
Incoming from Brandon Sandrowicz: On Fri, Jan 18, 2013 at 06:04:03PM -0700, s. keeling wrote: I'm surprised you'd put that in /etc/Muttrc.d; it's all world- Why would generic gpg commands being world-readable be an issue? Those Yeah, sorry. I was confusing gnupg with mutt configs. [ Btw, mutt will parse ~/.mutt/muttrc if ~/.muttrc doesn't exist. If you dot-prefix your ~/mutt, then you could axe the need for the symlink. ] I like to keep date stamped copies of old mutt configs in my ~/mutt. It just fits my style better to have a ~/mutt dir and a symlink that points into there. -- Any technology distinguishable from magic is insufficiently advanced. (*) :(){ :|: };: - -
Re: Question about PGP and mutt
On Fri, Jan 18, 2013 at 08:54:34PM -0700, s. keeling wrote: Incoming from Brandon Sandrowicz: On Fri, Jan 18, 2013 at 06:04:03PM -0700, s. keeling wrote: [ Btw, mutt will parse ~/.mutt/muttrc if ~/.muttrc doesn't exist. If you dot-prefix your ~/mutt, then you could axe the need for the symlink. ] I like to keep date stamped copies of old mutt configs in my ~/mutt. It just fits my style better to have a ~/mutt dir and a symlink that points into there. Well, I used to do so a while ago, but by now I am using a git-repository for each of my config folders. It also easies splitting the config into reusable parts and putting it together with all the other related scripts. I wish I had learned that lesson a few years ago.. Regards, Andre -- Andre Klärner smime.p7s Description: S/MIME cryptographic signature
Re: Question about PGP and mutt
Incoming from Andre Klärner: On Fri, Jan 18, 2013 at 08:54:34PM -0700, s. keeling wrote: I like to keep date stamped copies of old mutt configs in my ~/mutt. Well, I used to do so a while ago, but by now I am using a git-repository Sadly, I'm still working on my git-foo. for each of my config folders. It also easies splitting the config into reusable parts and putting it together with all the other related source ~/mutt/aliases source ~/mutt/folder-hook source ~/mutt/save-hook source ~/mutt/fcc-hook source ~/mutt/colors source ~/mutt/charset-hook source ~/mutt/macros source ~/mutt/gnupg Works for me. :-) -- Any technology distinguishable from magic is insufficiently advanced. (*) :(){ :|: };: - -
Re: Question about PGP and mutt
On Thu, Jan 10, 2013 at 11:09:48AM -0700, Robert Holtzman wrote: On Thu, Jan 10, 2013 at 07:33:16AM -0600, Dale A. Raby wrote: set pgp_replyencrypt=yes set pgp_timeout=1800 set pgp_good_sign=^gpg: Good signature from I have none of this in my .muttrc and have pgp capability. P shows the pgp menu. This in mutt 1.5.20-9+squeeze2. root@tal:~# ls -al /etc/Muttrc.d/ total 40 drwxr-xr-x 2 root root 4096 Oct 2 18:56 . drwxr-xr-x 109 root root 12288 Jan 11 18:59 .. -rw-r--r-- 1 root root79 Jul 9 2011 abook.rc -rw-r--r-- 1 root root 410 Jan 15 2011 charset.rc -rw-r--r-- 1 root root 612 Jan 15 2011 colors.rc -rw-r--r-- 1 root root 427 May 9 2011 compressed-folders.rc -rw-r--r-- 1 root root 1406 Jan 15 2011 gpg.rc -rw-r--r-- 1 root root 3648 Jan 15 2011 smime.rc OK, this is on Wheezy, but I expect it isn't that much different than Squeeze -- If you're not careful, the newspapers will have you hating the people who are being oppressed, and loving the people who are doing the oppressing. --- Malcolm X
Re: Question about PGP and mutt
On Thu, Jan 10, 2013 at 01:37:54PM +0100, Andreas Hanke wrote: Hello together, I have a question about PGP and mutt! gpg2 works fine on my system, I have already tested that. In my .muttrc I have that added: /opt/mutt-1.5.21/contrib/gpg.rc So far as I am aware, you do not really need a gpg.rc file, or is it a .gpgrc? You do, however, need quite a bit in your .muttrc. This is the relevant portion of my .muttrc, which works just fine. I am using GnuPG, the open-source equivalent, but it should work the same. You will have to replace the email address associated with your PGP key, and your key code, (both are in parentheses below) but otherwise, you should be able to simply cut and paste this into your current .muttrc file and have secure email. You may test it on me if you wish. PGP email can be difficult to set up, but once working, it seems pretty stable. Enjoy: #paranoid delusional encryption stuff... also check on the use of Steghide set pgp_decode_command=gpg %?p?--passphrase-fd 0? --no-verbose --batch --output - %f set pgp_verify_command=gpg --no-verbose --batch --output - --verify %s %f set pgp_decrypt_command=gpg --passphrase-fd 0 --no-verbose --batch --output - %f set pgp_sign_command=gpg --no-verbose --batch --output - --passphrase-fd 0 --armor --detach-sign --textmode %?a?-u %a? %f set pgp_clearsign_command=gpg --no-verbose --batch --output - --passphrase-fd 0 --armor --textmode --clearsign %?a?-u %a? %f set pgp_encrypt_only_command=/usr/lib/mutt/pgpewrap /usr/bin/gpg --batch --quiet --no-verbose --output - --encrypt --textmode --armor --always-trust --encrypt-to (your key code) -- -r %r -- %f set pgp_encrypt_sign_command=/usr/lib/mutt/pgpewrap /usr/bin/gpg --passphrase-fd 0 --batch --quiet --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust --encrypt-to 5B707677 -- -r %r -- %f set pgp_import_command=gpg --no-verbose --import -v %f set pgp_export_command=gpg --no-verbose --export --armor %r set pgp_verify_key_command=gpg --no-verbose --batch --fingerprint --check-sigs %r set pgp_list_pubring_command=gpg --no-verbose --batch --with-colons --list-keys %r set pgp_list_secring_command=gpg --no-verbose --batch --with-colons --list-secret-keys %r set pgp_autosign=yes set pgp_sign_as=(the email address you are using for encryption) set pgp_replyencrypt=yes set pgp_timeout=1800 set pgp_good_sign=^gpg: Good signature from -- Think nobody intercepts email? Think again! Gnu Privacy Guard. Not just for spies. signature.asc Description: Digital signature
Re: Question about PGP and mutt
On Thu, Jan 10, 2013 at 07:33:16AM -0600, Dale A. Raby wrote: On Thu, Jan 10, 2013 at 01:37:54PM +0100, Andreas Hanke wrote: Hello together, I have a question about PGP and mutt! gpg2 works fine on my system, I have already tested that. In my .muttrc I have that added: /opt/mutt-1.5.21/contrib/gpg.rc So far as I am aware, you do not really need a gpg.rc file, or is it a .gpgrc? You do, however, need quite a bit in your .muttrc. This is the relevant portion of my .muttrc, which works just fine. I am using GnuPG, the open-source equivalent, but it should work the same. You will have to replace the email address associated with your PGP key, and your key code, (both are in parentheses below) but otherwise, you should be able to simply cut and paste this into your current .muttrc file and have secure email. You may test it on me if you wish. PGP email can be difficult to set up, but once working, it seems pretty stable. Enjoy: #paranoid delusional encryption stuff... also check on the use of Steghide set pgp_decode_command=gpg %?p?--passphrase-fd 0? --no-verbose --batch --output - %f ..snip. set pgp_replyencrypt=yes set pgp_timeout=1800 set pgp_good_sign=^gpg: Good signature from I have none of this in my .muttrc and have pgp capability. P shows the pgp menu. This in mutt 1.5.20-9+squeeze2. -- Bob Holtzman If you think you're getting free lunch, check the price of the beer. Key ID: 8D549279 signature.asc Description: Digital signature