I have GPG4win 2.3.3 installed successfully and functioning quite well with people with whom I have exchanged trusted certs.
I am using MS Outlook 2007. I can see the GPGOL Add-In, and the additional TAB in Outlook’s Email Options menu.
When I encrypt and sign an email message and send it to someone, a copy by default (in MS Outlook) is kept in the SENT folder.
When I go to the SENT folder, all these messages appear like all typical messages, with some additional thumbnails/icons showing their encrypted state. When I place the cursor on one of these encrypted messages in my SENT folder, GPGOL goes into a few seconds of decrypting it, completes successfully, but leaves me with a scrambled – i.e., unreadable and therefore still encrypted or incorrectly decrypted – email. I am excluding any mention of attachments just to keep this thread manageable and understandable.
However, when I cc: myself a copy of an encrypted email which I send to someone else, the copy that “comes in” and lands in the INBOX is perfectly readable – or put another way, decrypted properly.
I must be missing something. BTW, I have configured my MS Outlook 2007 to send all emails strictly in PLAIN TEXT only, and no other format.
Would appreciate nay tips, suggestions or pointers.
the Outlook 2007 support of GpgOL is based on an elder code base
which we are currently modernising for the next major release,
see https://wiki.gnupg.org/Gpg4win/Roadmap
In your use case it makes sense to give one of the testversions
a run.
For what it’s worth I have not yet changed the Outlook 2007 code to use the new codebase for 2010 and later so a testversion would yield the same results.
I’ll try to remember to let you know once there is a testversion with updated Outlook 2007 code.
I am recalling something – a feature – which used to exist but does not exist in Ver. 2.3.3. I’m not 100% sure when I say this, but about 3 years ago, when I installed and used GPG4Win for about a year, there was a very powerful feature – “self decrypting” files. This feature is particularly useful if the recipient of a file (not email) has no GPG4Win but needs to receive a secure file from someone who has GPG4win.
A file is encrypted along with a passphrase (no relation to the passphrase of the GPG4Win/Kleopatra key pair) specific only to this file.
The sender most likely will reveal that passphrase by telephone, or some other means to his intended recipient. When the recipient receives that encrypted file, he decrypts it using this specific passphrase. The passphrase is assigned by the sender each time he wishes to create a self-decrypting file.
we never had such a “self-decrypting” feature in Gpg4win.
The reason is that we would have needed to ship a lot of code with it,
which the recipient would had to trust. And this is a bad idea:
don’t trust other people’s code (that you’ve got over a regular communication mechanism).
I must be thinking of an earlier era, the last few years of PGP. Back then I was one of the “last few” who downloaded PGP 8 (last known version) from the MIT website. I still have that downloaded file and once (maybe 10+ years ago) I installed it in the early Win7 (or “late Win XP”). And it worked for a while until one day, it conflicted with anti-virus and the use of remote access (e.g., CITRIX). So I stopped using it.
My sincerest thanks to you for sharing your thoughts. I agree with your statement about trusting the code for the self-decrypting feature.