Freedom_Lover at pobox.com
Thu Feb 5 17:22:23 CET 2004
-----BEGIN PGP SIGNED MESSAGE-----
Kyle Hasselbacher wrote:
> On Wed, Feb 04, 2004 at 11:33:50PM -0500, Todd wrote:
> One thing I've wanted once in a while, that PGP/MIME doesn't
> deliver, is signatures that I can separate from the email. The
> signature on a PGP/MIME message is over the whole MIME part, MIME
> headers and all. If I want to save just an attachment (or just the
> text part) and retain the signature, I can't, because the signature
> is over the whole message.
Interesting. I've never had a need or desire to do that, though I see
where it might be useful on occasion.
>>That's always a handy thing. In mutt, you have the power of hooks
>>that allow you to specify per folder, per sender, per reply, etc,
>>what actions to take. By default, I sign all messages. I have a
>>list of people I always encrypt and sign messages to. I also have a
>>list of people I never sign messages to. Then I use inline most of
>>the time but for a few folks and mailing lists I use PGP/MIME.
>>Lastly, when I reply to non-list mail, I have mutt look for some
>>X-Mailer and User-Agent headers of MUA's that are known to support
>>PGP/MIME and I send in that format when I reply to those users.
>>That sort of fine grained control is what I love most about mutt.
> I'd be interested in seeing your config for these things. It sounds
> like the kind of stuff I've wanted to do but hadn't figured out how.
Sure. Let me say that I'm far from a mutt expert and I haven't taken
the time to make this as slick as it could be. But if it gives you
some ideas that prove useful, that'll be cool. You might end up
posting them somewhere that I can steal them back later. :)
Here's a snippet from my mutt config. Hopefully I haven't edited out
# pgp sign messages by default
send-hook . 'set pgp_autosign=yes; set pgp_autoencrypt=no'
# create traditional (inline) pgp messages by default, but use pgp/mime for
# MUA's that handle it (except for known lists (other than mutt-users))
send-hook . 'set pgp_create_traditional=yes'
message-hook ~A 'set pgp_create_traditional=yes'
message-hook '~h (X-Mailer:.*Evolution\|User-Agent:\ Mutt) !~l' \
message-hook '~h x-enigmail-supports:.*pgp-mime ! ~l' \
message-hook '~h Content-Type:.*multipart/(encrypted\|signed.*application/pgp) ! ~l' \
message-hook '~C mutt-users@' 'set pgp_create_traditional=no'
# use pgp/mime for some recipients
send-hook '~t tmz at pobox.com' 'set pgp_create_traditional=no'
# no pgp signature or encryption for some recipients
send-hook '~t .*-request at .*' 'set pgp_autosign=no; set pgp_autoencrypt=no'
# encrypt and sign to some recipients
send-hook '~t tmz at pobox.com' 'set pgp_autosign=yes; set pgp_autoencrypt=yes'
One thing I've thought about doing -- but haven't gotten around to --
is putting the headers I want to match into a file and then just
looping over it to populate the list of MUA's I want to send PGP/MIME.
I just did it this way to see if it would work and it seems to do so
quite well. This is another place where Dale Woolridge's
pgp-menu-traditional patch is very helpful. It adds (PGP/MIME) or
(Inline) to the PGP: menu in mutt's compose screen. That way it's
really obvious if my rules have guessed wrong and I get a chance to
catch and correct it before hitting send.
Somewhere, either here or on mutt-users (I think the latter), there
was some talk and examples of how to loop over your gpg-keyring and
set pgp_autosign and pgp_autoencrypt for all the keys you have. I'd
want to clean up my bloated keyring before I did that, but that's
another thing I intend to get around to doing some evening.
Basically, if I have a key for someone, I have it so I can encrypt
communication with them, so making that happen by default would save
me some time.
Todd OpenPGP -> KeyID: 0xD654075A | URL: www.pobox.com/~tmz/pgp
water, taken in moderation, cannot hurt anybody.
-- mark twain
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: When crypto is outlawed bayl bhgynjf jvyy unir cevinpl.
-----END PGP SIGNATURE-----
More information about the Gnupg-users