Hello, I was using Claws with PGP MIME. I am setup to use IMAP (not POP). I prepared a message and set it to encrypt the content. Then I selected "Send Later". The message went into the Queue folder.
Then I right click the message in the Queue folder and select "View->Message Source". I see the plaintext content and I see my PGP Signature below. I worry that this is viewable on the mail server side... so I login through Squirlmail web interface. I go to the Queue folder. I see the content of my email and it is not encrypted. I think the above is a security issue. It means that any system administrator on the mail server side should be able to extract the plaintext Body content from all my emails. ======= PGP Settings: I have the following checked/selected under Account->Privacy: Default privacy system: PGP MIME - always Sign messages - always Encrypt messages - always sign messages when replying to a signed message - always encrypt messages when replying to and encrypted message - encrypt sent messages with your own key in addition to recipient's And Account->GPG: - Select key by your email address And Preferences->GPG - Automatically check signatures - Use gpg-agent to manage passwords - Display warnings on start-up if GnuPGP doesn't work ======= My solution was to switch from "PGP MIME" to "PGP Inline" for the Privacy preference in the Mail Account settings. On viewing a PGP Inline sample in the Queue, I no longer see the plaintext body content. ======== Perhaps another solution is to use POP instead of IMAP. As maybe the Queue or outbox or whatever is not visible on the server side. ======== I am wondering if this issue is mentioned anywhere in the Tails documents online. As I think this is a pretty big hole for those expecting to use Claws and PGP to safely encrypt content that cannot be viewed by a 3rd party. ======== I appreciate your time, Jeff Anderson
_______________________________________________ tails-support mailing list [email protected] https://mailman.boum.org/listinfo/tails-support To unsubscribe from this list, send an empty email to [email protected].
