Env: outlook 2013 (microsoft exchange)
GPG4win: 3.1.14 (I don’t use the latest one which is 3.1.15 because of the administrator issue)
I am not sure which tool the sender is using to encrypt the email. But I am sure it is not GPG4win because I have tried sending images/tables those HTML stuff to another GPG4win users and those content was just decrypted correctly.
When I receive the email, the content is decrypted by GpgOL in plain text format which is really not friendly to me. And the following messages show up:
Not all attachments were encrypted or signed
The unsigned / unencrypted attachments are: PGPexch.htm.pgp
Then I download the PGPexch.htm.pgp to decrypt by Kleopatra.
The decryption process is fine without any error. And then I see beautiful HTML format. However, the image in the email is missing.
Could anyone help me:
- How to see HTML format directly when I receive and decrypt the email in outlook?
- How to get the missing image?
Thanks you guys in advance.
Re 1.: there is no way to see the HTML directly, if it encrypted like this. Try to convince your sender to switch to the OpenPGP/MIME format (Symantec’s Desktop PGP is said to support it, so it can be configured.)
Re 2: this depends on where the missing image. If it is in another attachement, you can safe it. Probably is it loaded via the internet? Check the HTML file with an editor to see which image it tries to display or the webbrowser console to see if there is an image loading error. If you find the image, download it and place it in the directory. Okay, this is all complicated, but the usual crack is to send you something that poses as an image as mail and hope you click on it. So some precautions are unavoidable.
Thanks for your prompt response!
Understood for point #1. But it is unlikely the sender will change that for me…
Regarding point #2, I trace the HTML code and here is the descriptions of the missing image:
I have no idea where the image is hiding. I am not familiar with HTML so I don't understand what does it mean - "cid:image001.png@01D6FBC0.4F4C2050".
I also check the GunPG Audit Log Viewer (Kleopatra)
There is nothing related to the missing image…
Is there any other debug method I could use to help the analysis?
src="cid:... is an embedded image, as least this is what I’ve found when searching the web and a related RFC is https://www.rfc-editor.org/rfc/inline-errata/rfc2392.html .
To make the image seen (manually), you’d need to find the image data in the email, decode and safe it to disk and then change the src part in the HTML to point to this file.
I don’t know where it is either, you could try to look for
in the mail or saved attachments, even within the HTML file.
Sorry to not be of more help.
I really appreciate what you have done.
I searched all places I can imagine but still failed to find the image.
I am giving it up.
Hope someone in the future can help me or I may turn to GPG4o or Symantec Desktop.
In fact, I have tried GPG4o trial version and it just works fine.
Symantec Desktop is doing well too (because I always call help to my colleague, a Symantec user, to forward the decrypted mail to me)
Thank you again~
hopefully in the future, your recipient will switch to sending a standard format.
(As the format used will not be parsed by other crypto clients as well.)
The next step of debugging would be, if you could get an email from your recipient encrypted to us, so we can at least search for the structure. But has you wrote, your recipient is not cooperating with you, so it is probably not an option.
Is the standard format you are talking about “OpenPGP/MIME format”?
I am wondering if I did anything wrong on the configuration of GpgOL.
The GpgOL on my outlook is version 2.4.8.
All configurations are unchanged with default value.
I just noticed that the check box of “Enable the S/MIME support” is unchecked.
Should I enable it? I am not sure whether it is related to encryption (send email) or decryption (receive email) or both?
Also there is another option “Send OpenPGP mails without attachments as PGP/Inline” which is also unchecked.
This looks like exactly what I want from my recipient.
Otherwise their emails are always decrypted in plain text with a encrypted attachment.
OK, I just enable the S/MIME support and nothing changed. Is the option applied to the emails which are downloaded from the mail exchange server to my local disk already?
Or maybe this option has nothing to do with the missing image of the decrypted email.
Regarding the next step of the debugging, I am a bit confused about the request.
Do you want me to send you an encrypted email which is sent by my recipient?
Or do you want me to send you an email which is decrypted by my local GpgOL where the image is missing? I think I can not do that either way since the mail is quite confidential (that’s why they are encrypted). I think I could locally use proper editor to show you the structure you mentioned. Do you think it makes sense?
regarding the format: Yes, “OpenPGP/MIME” is the standard format your sender should be using. (Your settings were default and good, please do not change them.) (I mixed up “sender” and “recipient” partly in my last message, sorry for the confusion.)
Because the existence of an attachment called “PGPexch.htm.pgp” means that the sender
did not use “OpenPGP/MIME”.
Regarding further debugging:
To where the image would be in the data and if it is there at all, we would need to have a test email which is encrypted to us, with the same structure. (Of course with only non-sensitive data, this is why I wrote it would mean to ask your sender to send such an email with the same configuration to a different address, which is unlikely).
For debugging, do I also need your public key so that you could decrypt it?
I am thinking to ask my colleague to help me reproduce the problem with Symantec Desktop which I guess the sender is using.
(My colleague is lucky to have the last Symantec license in my office…)
yes, you’d need to encrypt to me (or Andre) or one of the test key pairs, where both the public and the secret key is available for everyone to decrypt, e.g. https://wiki.gnupg.org/SampleKeys
(You’ll find my public key here https://intevation.de/~bernhard/bernhard_gpgkey.asc
or via WKD:
I can access sample key and your public key, no problem.
But there has been a three days holiday in my country.
I will get back to you when I could reproduce the problem ASAP.
BTW, would you please give me your email address again?
BTW: If the email was encrypted with the sample key, you could publish it
in mbox format (if you can get it this way, raw format).
Anyway, for my contact data, see https://intevation.de/~bernhard/index.en.html
My colleague and I just reproduce the issue with Symantec Desktop.
I decide to use Alice’s public key (from https://wiki.gnupg.org/SampleKeys) and send the encrypted email to Alice (firstname.lastname@example.org).
I hope it will also work for you.
BTW, before we proceed, I would like to make sure the GPG4win is totally free to use even we plan to use it for business. Is my understanding correct?
Any illegal usage of a software is not allowed in my company.
using the sample key and sending it to email@example.com should work for me.
All components in Gpg4win are “Free Software” (from the meaning of “liberty”) and you
can use the common version without mandatory fee.
For the precise legal terms, see https://www.gpg4win.de/license.html
- We ask people to pay something volunteeringly, so we can keep this service and the maintenace up.
- There are additional paid-for services, e.g. when you need Gpg4win for many work places and high or very high security setting, we recommend you check into the “GnuPPg VS-Desktop”, to ensure operating support, see https://gnupg.com/index.html
Again, summarized: Yes, you are allowed to use Gpg4win without fee for business use.
Thank you for giving me a explicit summary in the end of your post!!
It is weird that my colleague and I can not send an encrypted email to Alice ( firstname.lastname@example.org).
So I just tried to send you an email.
It seems the sending process is successful and no error message is shown this time.
I will ask my colleague to send you the test mail again later.
your two testing emails arrived.
(For me to be able to encrypt back to you, I’d also need your public key, you could just attach them.)
The test mail I’ve got has two attachments:
decrypting them both manually (not on windows), and then replacing
I can see the HTML with the image.
So your problem is that you cannot see “Attachment1.pgp”? So you are
unable to save if from your GpgOL?
Yes! I never get the file - “Attachment1.pgp”.
Is there any configuration in GpgOL I should check?
this maybe a problem specific to GpgOL when used with Exchange as mailtransport.
(As the attachment maybe stored and transported differently from exchange to outlook.)
Can you try the latest Gpg4win 3.1.16, if you haven’t done so far?
Can you enable debugging output and look for interesting entries,
(Only send the relevant parts to me and check that there is no sensitive data in there.)
I just upgraded to 3.1.16 and nothing is changed.
The log file was sent to you by email.
I see messages showing the encrypted image “Attachment1.pgp” but I can not debug further.
20:40:21/3484/mapihelp.cpp:mapi_create_attach_table: message has 3 attachments
20:40:21/3484/DBG_OOM/mapihelp.cpp:mapi_create_attach_table:2595 AddRef on 00000243ae6f4be8
20:40:21/3484/DBG_OOM/mapihelp.cpp:mapi_create_attach_table:2595 AddRef on 00000243ae6f4e68
20:40:21/3484/DBG_OOM/mapihelp.cpp:mapi_create_attach_table:2595 AddRef on 00000243ae6f4fa8
20:40:21/3484/mapihelp.cpp:mapi_create_attach_table: attachment info:
20:40:21/3484/ 529093 mt=0 fname=
Attachment1.pgp' ct=image/png’ ct_parms=
(null)' method:1 20:40:21/3484/ 529125 mt=0 fname=PGPexch.htm.pgp’ ct=
(null)' ct_parms=(null)’ method:1
20:40:21/3484/ 531173 mt=4 fname=
GpgOL_original_OpenPGP_message.txt' ct=(null)’ ct_parms=`(null)’ method:1
Please let me know if you need more information.
thanks for the debugging infos, I’ve created a tickets for this as it is a potential defect in GpgOL:
Note that it may take 2-3 weeks until we can act on this (because it is vacation time here in the summer).
Until then, you could try to use a different email client, like claws for windows
to access your exchange via IMAP and get the email in a more complete way as a
workaround. It is not very comfortable, but just in case you needed it urgently.
(Please still be aware that senders should better switch to OpenPGP/MIME and that opening HTML files can be a security problem.)