Re: [SOGo] Plain text view of GPG encrypted messages
Hi Jens, sorry for replying so late (I had my Thunderbird folder configured not to check automatically my sogo folder, and did not see the new messages). This is how Thunderbird/Enigmail sends an encrypted message in PGP/MIME format (excerpt): --- (...) User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.0 MIME-Version: 1.0 Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="TqeHW2sFmaPa9uaPa3k3lAq7bRQDx6n9A" This is an OpenPGP/MIME encrypted message (RFC 4880 and 3156) --TqeHW2sFmaPa9uaPa3k3lAq7bRQDx6n9A Content-Type: application/pgp-encrypted Content-Description: PGP/MIME version identification Version: 1 --TqeHW2sFmaPa9uaPa3k3lAq7bRQDx6n9A Content-Type: application/octet-stream; name="encrypted.asc" Content-Description: OpenPGP encrypted message Content-Disposition: inline; filename="encrypted.asc" -BEGIN PGP MESSAGE- Version: GnuPG v2 hQIMA0Jw/mn40ioTAQ/5ASSA8vi3YuwZ8rRegzC/iaFevJv0fj6pumyo3Rc58U42 zKWC/t50mkpm2xRi3VncMGQGVXbgxuNk0asYXp7HURKLcF1YtqZaPnBJgCdspgGY NWlM0Q6Vk8x9k/YdFlVovvAPcufW0lqd3eYrdPyTrKejiQuTkHy+ogUSdrELqjvV mI/T+1Q+d/GtElDuON7rcDXwHLrIi0Aqaxsnmj4vcH5uQlUP4xoAqLk0HXOOlSGC kn/rotwMTIh3pEXV4zAuXylDYpCgakvTFBmfTcB3M+3Oo79Jsr3sl/CzP5EASJ44 sPPRzOtoa03Nd1HVsrvQxgcVVnwCsxi8g6Fuh+Fhu3XMJurAOhtoczQ8zjlaSjiT kCphVnVkVr9kk6DsMVt2lImVvlTbIeEahmQ+gCqB+K+aQ6s+O/4uzWRXynRs4PQp (...) --- So first there is a multipart application/pgp-encryted first, then a part with the same MIME type (application/pgp-encrypted) and with a header "Content-Disposition: inline". This last header should make SOGo display the part instead of showing it as an attachment, right? In fact, it seems that this disposition is the standard for PGP/MIME messages, so maybe SOGo should check for this special case (an application/octet-stream part with a Content-Disposition: inline, included inside a application/pgp-encrypted MIME multipart), and show the encrypted text inline... Regards Jorge Jorge González Villalonga Ingeniero de Sistemas / Systems Engineer Red Hat Certified Engineer #140-183-666 Móvil / Cell: (+34) 672 173 200 La información contenida en este mensaje y/o archivo(s) adjunto(s) es confidencial/privilegiada y está destinada a ser leída sólo por la(s) persona(s) a la(s) que va dirigida. Si usted lee este mensaje y no es el destinatario señalado, el empleado o el agente responsable de entregar el mensaje al destinatario, o ha recibido esta comunicación por error, le informamos que está totalmente prohibida, y puede ser ilegal, cualquier divulgación, distribución o reproducción de esta comunicación. Le rogamos que nos lo notifique inmediatamente y nos devuelva el mensaje original a la dirección arriba mencionada. Gracias. El 16/04/17 a las 09:52, Jens Erat (jens.e...@uni-konstanz.de) escribió: > Hi Jorge, > > at least SOGo 2.3 (I do not have access to some SOGo 3 account right now, so > I could not verify) displays inline OpenPGP messages as plain text, while it > indeed does show PGP/MIME messages as attachments. Do you know what other web > mail systems are doing to be compatible with Mailvelope for displaying > PGP/MIME messages? Are they just emitting the encapsulated ASCII-armored > message to the mail body? This might be a minor change to the SOGo code > (recognizing the header and printing the message), but in the end the scope > has to be determined by the developers... At least skimming through the code > files I suspect to be relevant, I did not find an obvious location to add > three or four lines of code for this (but I don't know the SOGo code very > well). > > There is a feature request, though: https://sogo.nu/bugs/view.php?id=3220 > > Regards from Stuttgart, Germany, > Jens > > On 05.04.2017 21:55, Jorge Gonzalez (jorge.gonza...@daikon.es) wrote: >> Good evening, >> >> I have searched for this issue on the list archives but I found nothing >> related (it seems). So here I go: >> >> I have a Sogo installation and most of my users are using Mailvelope >> extension for encrypting their emails. THey have correctly added the SOGO >> webmail page to their list of Mailvelope pages so that it detects and >> decrypts the messages. >> >> Mailvelope normally runs by detecting in realtime HTML elements which >> contain a PGP ASCII-armored message or signature, and it "hijacks" the frame >> or container where it is, decrypting the contents and showing the decrypted >> version instead. >> >> Question is, for this to work, the webmail in question has to show the >> encrypted ASCII-armored message, so that Mailvelope detects it. >> >> SOGo does not do this: instead it shows a blank email with an "untitled" >> attachment and no more info. I have seen in the logs messages about SOGO not >> finding a default viewer for content of that type. >> >> For now, I have shown my users a trick: get to show the message source, and >> this is recogniz
Re: [SOGo] Plain text view of GPG encrypted messages
Hi Jorge, at least SOGo 2.3 (I do not have access to some SOGo 3 account right now, so I could not verify) displays inline OpenPGP messages as plain text, while it indeed does show PGP/MIME messages as attachments. Do you know what other web mail systems are doing to be compatible with Mailvelope for displaying PGP/MIME messages? Are they just emitting the encapsulated ASCII-armored message to the mail body? This might be a minor change to the SOGo code (recognizing the header and printing the message), but in the end the scope has to be determined by the developers... At least skimming through the code files I suspect to be relevant, I did not find an obvious location to add three or four lines of code for this (but I don't know the SOGo code very well). There is a feature request, though: https://sogo.nu/bugs/view.php?id=3220 Regards from Stuttgart, Germany, Jens On 05.04.2017 21:55, Jorge Gonzalez (jorge.gonza...@daikon.es) wrote: > Good evening, > > I have searched for this issue on the list archives but I found nothing > related (it seems). So here I go: > > I have a Sogo installation and most of my users are using Mailvelope > extension for encrypting their emails. THey have correctly added the SOGO > webmail page to their list of Mailvelope pages so that it detects and > decrypts the messages. > > Mailvelope normally runs by detecting in realtime HTML elements which contain > a PGP ASCII-armored message or signature, and it "hijacks" the frame or > container where it is, decrypting the contents and showing the decrypted > version instead. > > Question is, for this to work, the webmail in question has to show the > encrypted ASCII-armored message, so that Mailvelope detects it. > > SOGo does not do this: instead it shows a blank email with an "untitled" > attachment and no more info. I have seen in the logs messages about SOGO not > finding a default viewer for content of that type. > > For now, I have shown my users a trick: get to show the message source, and > this is recognized by Mailvelope and the message shown. But it would be nice > if the users did not have to jump through these hoops. > > My question is: can SOGo be configured in a way such that the default viewer > for a mail part is to show the text in ASCII form? Most webmails do this > (that's why Mailvelope works so well :-), including Gmail. > > Thanks in advance > > Regards > > Jorge > > > -- > Jorge González Villalonga > Ingeniero de Sistemas / Systems Engineer > Red Hat Certified Engineer #140-183-666 > Móvil / Cell: (+34) 672 173 200 > > La información contenida en este mensaje y/o archivo(s) adjunto(s) es > confidencial/privilegiada y está destinada a ser leída sólo por la(s) > persona(s) a la(s) que va dirigida. Si usted lee este mensaje y no es el > destinatario señalado, el empleado o el agente responsable de entregar el > mensaje al destinatario, o ha recibido esta comunicación por error, le > informamos que está totalmente prohibida, y puede ser ilegal, cualquier > divulgación, distribución o reproducción de esta comunicación. Le rogamos que > nos lo notifique inmediatamente y nos devuelva el mensaje original a la > dirección arriba mencionada. Gracias. > > -- > users@sogo.nu > https://inverse.ca/sogo/lists -- Jens Erat [phone]: tel:+49-151-56961126 [mail]: mailto:jens.e...@uni-konstanz.de [jabber]: xmpp:jens.e...@uni-konstanz.de [web]: http://www.jenserat.de OpenPGP: 0D69 E11F 12BD BA07 7B37 26AB 4E1F 799A A4FF 2279 smime.p7s Description: S/MIME Cryptographic Signature
[SOGo] Plain text view of GPG encrypted messages
Good evening, I have searched for this issue on the list archives but I found nothing related (it seems). So here I go: I have a Sogo installation and most of my users are using Mailvelope extension for encrypting their emails. THey have correctly added the SOGO webmail page to their list of Mailvelope pages so that it detects and decrypts the messages. Mailvelope normally runs by detecting in realtime HTML elements which contain a PGP ASCII-armored message or signature, and it "hijacks" the frame or container where it is, decrypting the contents and showing the decrypted version instead. Question is, for this to work, the webmail in question has to show the encrypted ASCII-armored message, so that Mailvelope detects it. SOGo does not do this: instead it shows a blank email with an "untitled" attachment and no more info. I have seen in the logs messages about SOGO not finding a default viewer for content of that type. For now, I have shown my users a trick: get to show the message source, and this is recognized by Mailvelope and the message shown. But it would be nice if the users did not have to jump through these hoops. My question is: can SOGo be configured in a way such that the default viewer for a mail part is to show the text in ASCII form? Most webmails do this (that's why Mailvelope works so well :-), including Gmail. Thanks in advance Regards Jorge -- Jorge González Villalonga Ingeniero de Sistemas / Systems Engineer Red Hat Certified Engineer #140-183-666 Móvil / Cell: (+34) 672 173 200 La información contenida en este mensaje y/o archivo(s) adjunto(s) es confidencial/privilegiada y está destinada a ser leída sólo por la(s) persona(s) a la(s) que va dirigida. Si usted lee este mensaje y no es el destinatario señalado, el empleado o el agente responsable de entregar el mensaje al destinatario, o ha recibido esta comunicación por error, le informamos que está totalmente prohibida, y puede ser ilegal, cualquier divulgación, distribución o reproducción de esta comunicación. Le rogamos que nos lo notifique inmediatamente y nos devuelva el mensaje original a la dirección arriba mencionada. Gracias. -- users@sogo.nu https://inverse.ca/sogo/lists