1 User's guide - Using PGP/GnuPG with Madmutt
2 ===========================================
4 How do I use mutt with PGP, PGP5, or GnuPG?
5 -------------------------------------------
7 Go to the contrib subdirectory of the source tree. You'll find
8 three files there, pgp2.rc, pgp5.rc, and gpg.rc. These files
9 contain ready-to-use configurations for using mutt with pgp2, pgp5,
12 Include one of these files with your Madmutt config file (e.g. ~/.madmuttrc),
13 and things should work out fine.
15 You may wish to verify that all paths and the language parameters
16 given to the PGP binaries match your needs.
20 Frequently Asked Questions and Tips
21 -----------------------------------
23 Q: "People are sending PGP messages which Madmutt doesn't
24 recognize. What can I do?"
26 A: The new way is to leave headers alone and use mutt's
27 check-traditional-pgp function, which can detect PGP messages at
28 runtime, and adjust content-types.
30 The old way is to configure your mail filter so it fixes headers:
32 Add the following lines to your ~/.procmailrc (you are
33 using procmail, aren't you?):
35 ------------------------------
42 * !^Content-Type: message/
43 * !^Content-Type: multipart/
44 * !^Content-Type: application/pgp
47 * ^-----BEGIN PGP MESSAGE-----
48 * ^-----END PGP MESSAGE-----
50 -i "Content-Type: application/pgp; format=text; x-action=encrypt"
53 * ^-----BEGIN PGP SIGNED MESSAGE-----
54 * ^-----BEGIN PGP SIGNATURE-----
55 * ^-----END PGP SIGNATURE-----
57 -i "Content-Type: application/pgp; format=text; x-action=sign"
61 ------------------------------
63 For users of maildrop, "Mark Weinem"
64 <mark.weinem@unidui.uni-duisburg.de> suggests the following recipe:
66 ------------------------------
68 BPGPM="-----BEGIN PGP MESSAGE-----"
69 EPGPM="-----END PGP MESSAGE-----"
70 BPGPS="-----BEGIN PGP SIGNATURE-----"
71 EPGPS="-----END PGP SIGNATURE-----"
73 if (!/^Content-Type: message/ && !/^Content-Type: multipart/ \
74 && !/^Content-Type: application\/pgp/)
76 if (/^$BPGPM/:b && /^$EPGPM/:b)
77 xfilter "reformail -A 'Content-Type: application/pgp; format=text; \
80 if (/^$BPGPS/:b && /^$EPGPS/:b)
81 xfilter "reformail -A 'Content-Type: application/pgp; format=text; \
85 ------------------------------
89 Q: "I don't like that PGP/MIME stuff, but want to use the
90 old way of PGP-signing my mails. Can't you include
93 A: No. Application/pgp is not really suited to a world with MIME,
94 non-textual body parts and similar things. Anyway, if you really
95 want to generate these old-style attachments, include the
96 following macro in your ~/.madmuttrc (line breaks for readability,
97 this is actually one line):
99 macro compose S "Fpgp +verbose=0 -fast
100 +clearsig=on\ny^T^Uapplication/pgp; format=text;
104 There's a new answer, though: Set the pgp_autoinline
105 configuration variable (it's a quad-option) to something different
106 from "no" (that's the default). Madmutt will then try to use
107 application/pgp whereever it makes sense. In particular, it does
108 not make any sense with multiparts, or non-ASCII or non-text bodies.
109 In all other cases, PGP/MIME is used unconditionally.
111 Note that application/pgp is still strongly deprecated.
115 Q: "I don't like all the ^Gs and various other verbosity
116 PGP is presenting me with."
118 A: Roland Rosenfeld <roland@spinnaker.rhein.de> has found a quite
119 elegant solution to this problem: PGP has some pretty good foreign
120 language support. So we just introduce a language called "mutt"
121 which contains empty strings for the messages we don't want to see.
122 To use this, copy either language.txt or language50.txt (depending
123 on what PGP version you are using) to your $PGPPATH. Make sure the
124 PGP command formats pass "+language=pgp" to all the PGP binaries
125 (but not to pgpringng!).
127 For PGP 2.6, a German version called "muttde" is available
131 Q: "My PGP signatures are being invalidated. BTW, I'm using Courier
134 A: The author of the Courier MTA believes that the standard specifying
135 multipart/signed is broken. For that reason, he has choosen to
136 implement his MTA in a way which does not assure that
137 multipart/signed body parts are left untouched.
139 We suggest that you abandon courier and change to qmail, postfix,
150 Madmutt needs two auxiliary programs for its PGP support: pgpewrapng and
156 pgpringng is a key ring dumper. It extracts information from PGP's
157 binary key ring and emits it in an (almost) readable output format
158 understood by mutt's key selection routines. This output format
159 mimics the one used by the GNU Privacy Guard (GPG).
161 You'll need this program with PGP 2 and PGP 5.
163 Command line options:
165 -k <key ring> Dump the contents of the key ring specified
166 as an argument to -k.
168 -2, -5 Use the default key ring for PGP 2 or 5,
171 -s Dump the secret key ring.
177 This is a little C program which does some command line munging: The
178 first argument is a command to be executed. When pgpewrapng
179 encounters a "--" (dash-dash) argument, it will interpret the next
180 argument as a prefix which is put in front of all following
185 pgpewrapng pgpe file -- -r a b c
189 pgpe file -r a -r b -r c
191 This script is needed with PGP 5 and with GPG, since their command
192 line interfaces can't be properly served by mutt's format mechanism.
196 The Configuration Interface
197 ---------------------------
199 As usual within Madmutt, the configuration interface for the PGP
200 commands relies on printf-like formats. For all PGP commands, the
201 following %-sequences are defined.
203 %p The empty string when no passphrase is needed,
204 the string "PGPPASSFD=0" if one is needed.
206 This is mostly used in conditional % sequences.
208 %f Most PGP commands operate on a single file or a file
209 containing a message. %f expands to this file's name.
211 %s When verifying signatures, there is another temporary file
212 containing the detached signature. %s expands to this
215 %a In "signing" contexts, this expands to the value of the
216 configuration variable $pgp_sign_as. You probably need to
217 use this within a conditional % sequence.
219 %r In many contexts, mutt passes key IDs to pgp. %r expands to
222 The following command formats are defined:
224 $pgp_decode_command Decode application/pgp messages. This
225 command operates with and without pass phrases.
227 $pgp_verify_command Verify a PGP/MIME signature.
229 $pgp_decrypt_command Decrypt a PGP/MIME encrypted MIME body.
230 This command always gets a pass phrase.
232 $pgp_sign_command Sign a PGP/MIME body. This command always
236 $pgp_encrypt_sign_command Encrypt and sign a MIME body. This
237 command always gets a pass phrase.
239 $pgp_encrypt_only_command Encrypt a MIME body, but don't sign it.
241 $pgp_import_command Import PGP keys from a file.
243 $pgp_export_command Export PGP keys to a file. The output must
246 $pgp_verify_key_command Check a public key. This is used from the
249 $pgp_list_secring_command List the secret keys matching some hints
252 $pgp_list_pubring_command List the public keys matching some hints
255 The passphrase is always passed on stdin; all commands must send
256 their output to stdout and stderr.