GPG4Win needs Internet access - why?


I use Thunderbird with Enigmail (both together with Windows). I also use GPG4Win. Different parts of GPG4Win repeatedly request access to the Internet, e.g. when I am clicking on an encrypted email in Thunderbird.

Why does GPG4Win need access to the Internet?
What kind of data are transmitted?

Seeing that access to the Internet is requested, I do not really feel secure about GPG4Win (and Enigmail)…

Thanks for any explanations.

Wow – that is very disturbing.

It makes me doubt that even open source encryption software can be trusted to keep your private information private.

When it comes to security, I am beginning to think that it is a serious mistake to use any code you haven’t written yourself.

Well - what about ‘works as designed?’
E. g. you receive an e-mail with an unknown signature - and key-servers have to be contacted to check that signature.
And maybe there is just an option to check for updates of one of its elements (gnupg, kleopatra etc.).

Therefore: Please provide much more information about when which IP-addresses should be contacted.



Are you aware of any utility that allows the user to specify which programs may access which IP addresses under which circumstances? That is, something like an open-source ZoneAlarm with finer control?

Or a utility that allows the user to verify that a program like gpg4win is only checking for an update and nothing more?

These things would be very useful…

Hello Bernd,

thank you very much for your answer.

Maybe it works “as designed” but in this case it is not designed to build confidence:

The files


repeatedly want to access the IP

Even when I am clicking on “old messages” in my Thunderbird, at least one of these files tries to connect to the Internet. So, someone might keep track of when I read messages… (or even more). That is not exactly what you want if you encrypt your emails, right?


That’s the IP of your network-interface-card (NIC); cf.

But I do not know why it contacts itself.

Bernd Leutenecker

Hi Bernd,

ok, that was my mistake!

I still dislike this mechanism because I don’t think it’s possible for my firewall to distinguish between the local host and remote hosts. So, there’s no effective control if the program wants to connect to the Internet.

Anyways, at least I do know now why there are so many firewall events. Maybe I find a way to work around it…

Thank you very much for your explanation.

Best regards