Jump to content

How to: gmail + pgp + mutt (command line mail client)


Recommended Posts

Hello Everyone. I am not sure if this is the appropriate forum to post a howto in, so if it isn't please let me know, and I will re-post. After mailvelope turned out to be pretty buggy, and watching mubix display stored private keys, I decided I wanted to go a different route to send encrypted email. I have a ubuntu vps I use frequently, and wanted to find a command line mail client that would allow me to send encrypted mail via pgp. After some web searches I found a few howto's setting up gmail, mutt and pgp. The howto's are fairly old, but I did a hak5 forum search for pgp, and didn't see any other howto's. The two that where most helpful are http://jrom.net/gmail-in-mutt and http://lifehacker.com/5574557/how-to-use-the-fast-and-powerful-mutt-email-client-with-gmail . I thought I would take a stab at writing my own how to for anyone else interested in this setup. Feel free to ask questions.

I ended up installing performing this setup twice. Once on my ubuntu vps server, and another time on my xubuntu laptop.

1. To start off we will want to grab the mutt package

r00tusr@cloudbox# sudo apt-get install mutt

(If you are setting up postfix for the first time, you will be prompted for what type of mail configuration you want, choose: local only)

2. Now create the directories that will be used by the mutt client (used for storing headers, bodies, and certs)

r00tusr@cloudbox# mkdir -p ~/.mutt/cache/headers

r00tusr@cloudbox# mkdir ~/.mutt/cache/bodies
r00tusr@cloudbox# touch ~/.mutt/certificates

3. Then we setup the main configuration file to be used with mutt. (The lifehacker link has links to sample config files. It also explains that uk users need some different configuration file settings. When I looked at the different two of the variables use Google Mail, instead of GMail). We also need change the permissions of the config to 700 because the file stores sensitive account information. If you do not specify passwords in this file, it will still work, but you will be prompted each time you make a connection to the server.

r00tusr@cloudbox# touch ~/.muttrc

r00tusr@cloudbox# chmod 700 ~/.muttrc

r00tusr@cloudbox# vi ~/.muttrc

(Copy and Edit the config below, and save them to your ~/.muttrc file)

# Config create with examples from:

#Your Gmail account details
set imap_user = "EMAILADDRESS@gmail.com"
set imap_pass = "PASSWORD"
set smtp_pass = "PASSWORD"
set from = "EMAILADDRESS@gmail.com"
set realname = "Name"
# Setup your favorite editor to write email bodies
set editor = "nano"
# Basic config, you can leave this as is
set spoolfile = "+INBOX"
set imap_check_subscribed
set hostname = gmail.com
set mail_check = 120
set timeout = 300
set imap_keepalive = 300
set postponed = "+[GMail]/Drafts"
set record = "+[GMail]/Sent Mail"
set header_cache=~/.mutt/cache/headers
set message_cachedir=~/.mutt/cache/bodies
set certificate_file=~/.mutt/certificates
set move = no
set include
set sort = 'threads'
set sort_aux = 'reverse-last-date-received'
set auto_tag = yes
ignore "Authentication-Results:"
ignore "DomainKey-Signature:"
ignore "DKIM-Signature:"
hdr_order Date From To Cc
alternative_order text/plain text/html *
auto_view text/html
bind editor <Tab> complete-query
bind editor ^T complete
bind editor <space> noop
# Gmail-style keyboard shortcuts
macro index,pager y "<enter-command>unset trash\n <delete-message>" "Gmail archive message"
macro index,pager gi "<change-folder>=INBOX<enter>" "Go to inbox"
macro index,pager ga "<change-folder>=[Gmail]/All Mail<enter>" "Go to all mail"
macro index,pager gs "<change-folder>=[Gmail]/Starred<enter>" "Go to starred messages"
macro index,pager gd "<change-folder>=[Gmail]/Drafts<enter>" "Go to drafts"
#Setup mail client to use PGP
source ~/.mutt/gpg.rc

4. Now we need to create the gpg.rc file that is referenced in the last line of the config file above. This file is what allows mutt to integrate with pgp. We will copy the example file that comes with the mutt package, and make no changes.

r00tusr@cloudbox# cp /usr/share/doc/mutt/examples/gpg.rc ~/.mutt/gpg.rc

5. Now we will generate our pgp keys.

First our private key. (You can use the defaults or read up more on the options. Be sure to choose a strong password)

r00tusr@cloudbox# gpg --gen-key

Then our public key. (You can upload this key to one of the key servers or place it on an external facing link for people to access. It will be saved in the .gnupg directory as pubkey.txt)

r00tusr@cloudbox# gpg --armor --output pubkey.txt --export 'r00tusr'

6. Now we have successfully configured mutt, we can add our email recipients public key into our key ring so mutt can see it. Copy your email recipients public key and save it as text file. I used r00tusr.txt as an example.

import the key file you created with the following command

r00tusr@cloudbox# gpg --no-verbose --import r00tusr.txt

7. Lets launch mutt and send out first encrypted email.

Launch mutt email client

r00tusr@cloudbox# mutt

To send a message type the letter m

enter an email: recipients_email@server.com

enter a subject: Test encrypted email

enter a email body: Encrypted email message!! (This is actually using nano as an editor so used ctrl+x and save file to exit)

Next to encrypt the message type the letter p

You will be asked to:

PGP (e)ncrypt, (s)ign, sign (a)s, (b)oth, or ©lear?

Type the letter e to encrypt

(You will be prompted to choose a public key in the ring, choose the emai public key you imported above)

Next type the letter y to send the message

This should successfully send an encrypted email message. When you read an encrypted message you will be asked for the pass phrase you created with your privates key in step 5.

Cheers! :D

Edited by r00tusr
Link to comment
Share on other sites

Haha, I just went through all this about 3 months ago.

Check out: https://github.com/Sitwon/dot-files/blob/master/muttrc

and: https://github.com/Sitwon/dot-files/blob/master/mailcap

Basically the improvements over what you already have are:

1) Comment out "set record=..." or you end up with double-copies of all your sent mail.

2) Bind group-reply so you can reply-all when necessary: bind index,pager A group-reply

3) Sign everything by default:

set crypt_autosign=yes

set crypt_replysignencrypted=yes

4) Setup a ~/.mailcap file for viewing HTML and images. Pandoc is a cool utility that can convert HTML to Markdown (or vice versa, among dozens of other potential conversion). When viewing HTML in the pager it will use pandoc by default, or you can hit 'v' to view attachments, select the HTML message part, and hit 'm' to force it to open in the browser. For images, just selecting them and hitting enter will open them in an image viewer (I use 'feh').

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...