Thanks for the "security" thing. Didn't know about that one. I suspect I've got bare keys in the loop, either frighteningly bare (on-disk) or via a fork/exec inheritance like ssh-agent (or keychain, either OSX or GPG) to get round some of this.
So I have a workable (as in, I can read things) state, via the nasty path. But it's pretty nasty, in all senses. It isn't very discriminating about what to show me in the MIME bodyparts, And it has all the problems you identified. Basically, I leveraged MHN to "hand the problem off to something else" in shell. I have to explicitly call | less with gpgsm because MHN calling gpgsm doesn't seem to invoke MHL over the output. Emacs appears to have a lot of this built in now, because (I believe) more mail packages than MH-E want secure mail to work. So I suspect inside Emacs, it's ignoring what .mh_profile says for MHN for this MIME bodytype. and doing its own thing. Probably that stems from having to "pipe" a header/body into the emacs hooks for a visible pane. I did a search down the .EL files, It looks to have a bunch of MIME types and actions defined in MH-E related LISP code. Thats why I think the decode is outside of the MH space: Respect the file, use inc and post, but handle display "yourself" I'm also now a bit leery of where to set things. Using the Emacs built in 'configuration tools' wound up writing some things in .emacs but I can't work out where it did anything about SMIME. Oh well. Any program written in LISP is probably self-aware anyway. Skymesh won't build itself. I don't intend sending PKCS7. The stupid Mail.app has a sticky behaviour around signed/sealed mail which is an infection that leaks: I get stuff, because people turned it on once, and it stuck (when it detected a cert for me) So I wanted to be able to at least read stuff. Overall MIME sucks a bit for good old terminal mail. Not to disrespect Ned Freed, Nat Borenstein &c, but Mostly I just want to send people text. (Although with Markdown I increasingly expect *emphasis* to uplift so there you go: I'm no better than anyone else here) And I'm responding to this inside GMail so .. who knows how bad the payload is! -G
