Hi, I’m not sure this is the correct forum; if not, please let me know a better place.
I am running Gpg4Win with Kleopatra + Microsoft Outlook APP on Windows.
I have a sender who uses an email app which places the PGP encrypted message as the body of the email, instead of an attachment “encrypted.asc” like other clients.
This in-line message has no problem being decoded by a Thunderbird recipient, as well as a Gmail + FlowCrypt recipient. But Outlook + Kleopatra doesn’t recognize it as an encrypted message, and just show the body raw.
Is this a known issue? Or is there a setting I can change to allow Kleopatra to decode these types of messages?
Hi @chrissv,
we would need some more information to try to help you.
Aside from the Gpg4win version you are using we would especially need to know more about the problematic mail and/or the program it was sent with. Do you now which program was used? Is the message PGP/MIME encrypted or PGP/inline? Does the “raw body” begin with “-----BEGIN PGP MESSAGE-----”?
Hi, thanks for the reply.
The email was composed using Gmail + FlowCrypt extension.
Here is the the raw message data (skipping the standard email headers):
Could you check if it decrypts when you paste this into the notepad of Kleopatra?
I took the message body (which Outlook + Kleopatra isn’t interpreting as a PGP message) and put it in Kleopatra’s Notepad and verified the message decrypts:
I can’t replicate the problem. GpgOL correctly shows me that it has been encrypted to two keys and that I don’t have the private key. For testing I took the message, put it into a file x.eml and opened it with Outlook (i.e. right click in the explorer). I also checked that the missing traling LF does not matter. Granted that is with gpgol 2.6.0 but I doubt that we changed anything relevant. since 2.5.14 or earlier
I’m not using any add-ins, but I did notice that there is a banner imposed by my company I.T. department (it’s not anything I have control over on the client side):
This is very likely. The Addin “TITUS Message Classification”, which does insert such a banner into the mail structure, is listed among the incompatible Addins: https://wiki.gnupg.org/GpgOL/IncompatibleAddons .
I have heard that there are configurations of that software which make it somewhat workable with GpgOL, but nobody shared their config AFAIK.
What I’d like to know is: Are you only getting flowcrypt encrypted messages on your work account? How about other PGP/inline messages, are those decrypted? (PGP/inline is not state of the art securitywise, btw.)
I assume GpgOL encrypted messages are decrypted on your work account? (Those use PGP/MIME)
Looks like it, at least for PGP/inline and our Addin for Outlook classic.
Any software which inserts a banner or otherwise changes the mail structure will cause problems with GpgOL and has a high probability of making parallel usage impossible.
As it depends on how the email was changed by the the product or how it hooks into Outlook. It is not clear from the PDF that you have linked how Proofpoint works.