Outlook fails to verify key



  • as I receive the email I created in python, the signature is a separated file, but as I try to decrypt or verify the signature, the decryptor says “no data” although encrypted attachements are correctly decryptable

as the signature is “detached” and added to the mail as an attacement, it appears outlook plugin does not automaticaly take the email source as data, it really looks like a bug

can someone enlight me on this ?


Version: GnuPG v1



for information, here is the code I use to generate the email:

def encrypt(self,text):
gpg = gnupg.GPG()
encrypted_data = gpg.encrypt(text, ‘myemail@…’)
encrypted_string = str(encrypted_data)
if encrypted_data.ok:
return encrypted_string
print 'status: ', encrypted_data.status
print 'stderr: ', encrypted_data.stderr
return None

def createSignature(self,msg):
text = re.sub(r’\r?\n’, ‘\r\n’, msg.as_string())
gpg = gnupg.GPG()
signature = gpg.sign(text,detach=True,passphrase=“***************”)
sig = MIMEText(‘’)
sig.set_param(‘name’, ‘signature.asc’)
sig.add_header(‘Content-Description’, ‘OpenPGP digital signature’)
sig.add_header(‘Content-Disposition’,‘attachment’, filename=‘signature.asc’)

return sig   

def send(self,destinations=):
payload = MIMEMultipart()

payload.set_param('protocol', 'application/pgp-signature')
payload.set_param('micalg', 'pgp-sha256')   ####!!! GET THIS FROM KEY!
payload.preamble = 'This is an OpenPGP/MIME signed message.'
payload['From'] = "from@email"
payload['To'] = COMMASPACE.join(destinations)
payload['Date'] = formatdate(localtime = True)
payload['Subject'] = Header(self.subject, "utf-8")

mail_text=MIMEText(mail_text+"\n", 'html', "utf-8")

# signature
signature = self.createSignature(payload)


# send mail
smtp = smtplib.SMTP("localhost", 25)
smtp.sendmail(payload['From'], destinations, encrypted_mail)


With a detached signature you need “MIME” Support which will be new by default in Gpg4win-3.0.0

You can switch to this if you have at least gpg4win 2.3.1 (better 2.3.2) if you open the options (the small arrow in the bottom right corner of gpgol) and set “Enable minimized interface (experimental)” and restart outlook.

Afterwards when you open the mail again it should be automatically verified and the Kleo popup will show up.

We want to make this a bit nicer still before we make this default. (See our Roadmap in the gpg4win wiki)

Please let us know if it still does not try to verify the mail even if you have that setting enabled.

well I tried, so now:

  • instead of decryt and save, I only have decrypt

  • all GpgOL buttons have disapeared from outlook so no way to reverse that setting

  • no popups show up as I open the mail

I could reverse it back , as I found a GpgOL registry entry and put back 0 in mimeUI

The option menu would have been available when you select “New Mail” as there will be the sign & encrypt buttons now which also have the corner thingy.

Would it be possible to send me such a signed mail to
aheinecke@intevation.de ? So that I can take a look at the structure?

well new mail is not what I need to do :slight_smile:

I created a test script that should send you a mail (only the attached picture is missing) but for the rest it is the equivalent of what I send to myself

so, did you receive my test mail ?

Hi p f,
another hint:
To access gnupg from python, the recommendation is to use
a module that utilises gpgme, e.g. pyme for python3, see


nice but I cant find any tutorial to use pyme

this lib seems not to be very used


pyme is a python binding of gpgme. For gpgme there is a documentation
coming with it. (One version of the gpgme documentation can be found here:
https://gnupg.org/documentation/manuals/gpgme/ )

The upcoming binding based on pyme for gnupg 2.11 is the future solution,
I know of a number of applications using pyme (e.g. Roundup has support for it, I am not sure if this is support for creating MIME emails, though). I suggest you write an email to
gnupg-devel@ and ask for example code for creating OpenPGP/MIME emails.
There used to be example code coming with pyme.


I found this but I need to dig further
it kinda pisses me to redo everything I achieved with gnupg library :slight_smile:


thanks for the infos :slight_smile: