Force PGP in Neomutt
I recently started experimenting with PGP (Pretty Good Privacy) encryption over email with the neomutt mail client. I used this tutorial to get started, but I've encountered a problem I've seen no discussion on.
The Problem
(neo)mutt is very good at obeying mimetype standards, but other programs not so much. Incoming mail sent with PGP encryption which doesn't have the proper mime encoding isn't automatically recognized and decrypted by neomutt
You could manually pipe the message to gpg --decrypt but this feels clunky. I have found a better way to force the email
to be decrypted directly in neomutt. It's simple.
Notes
My instructions below use standard shortcut keys, but here are the relevant actions incase it helps you.
-
'e' does
exec edit-or-view-raw-message -
^E does
exec edit-type
Permanent Decryption
In this method, the mail will remain permanently recognized as PGP, and therefore always decrypted in neomutt.
- With the mail highlighted or open, press e to edit the message
- look for the Content-Type header. Ensure it is not multipart.
- If it is, then look for another Content-Type header that has encrypted data
- change the Content-Type to
application/pgp-keys
The mail will now be decrypted permanently in neomutt.
Permanent decryption doesn't decrypt the stored file itself (but you can do that with <decode-copy> and <decode-save>
You can change the Content-Type back at any time to view the original content.
Temporary Decryption
In this method, the mail will be decrypted for as long as you remain in the mailbox
- With the mail highlighted or open, press ^E.
- Ensure the Content-Type is not multipart.
- If it is, then go to attachments and find the one you want to decrypt. Press ^E
- set the Content-Type to
application/pgp-keys
The mail will now be decrypted in-app until the mailbox is closed.
That's it! Let me know if you enjoyed this or found an even better way!