encrypted email is not automatically decrypted in outlook and I have to use Kleo

anon61628024 · June 15, 2021, 1:53pm

Hi all,
encrypted email coming from my customer miss the lock icon in outlook, and is not automatically decrypted. I have to open Kleopatra 's notepad, paste the content to decrypt it. Kleopatra correctly imported the public key of my customer. if I try to send an encrypted email to me, it has the lock icon as it should be. I cannot figure out where is the error, can you please help me?

bernhard · June 17, 2021, 1:51pm

HI Gianluca,

this sounds like the sender does not use the standard format OpenPGP/MIME,
so GpgOL cannot detect that there is contents it should try to decrypt.

This is why it works, if the email comes from you, Gpg4win uses OpenPGP/MIME itself to send emails.

There is a detection of decryptable contents in GpgOL for other cases, however it cannot be perfect. So you know which email application your customer is using?

Best Regards,
Bernhard

anon61628024 · June 22, 2021, 8:13am

Ni Bernhard,

sorry for the later of my reply, but I was waiting the reply from the customer:

Hi Gianluca,

We’re using a custom PGP gateway solution, which the backend is running on openPGP.
As manual decryption via another method is possible, this means data encryption\decryption is working fine.
But as GPG4Win is not able to do an autodecrypt, this means the plugin cannot detect the mails as PGP format. From your screenshot below, it looks like your mail system is pre-pending a disclaimer for any incoming mail from external  “Message originates from outside our organization….”
This might be interfering with the GPG4Win plugin to detect the mail as PGP.

Hope this helps.

Do you think gpg4win could have problem on decrypt because of the banner?

Regards

bernhard · June 22, 2021, 8:34am

Hi Gianluca,

Do you think gpg4win could have problem on decrypt because of the banner?

yes, I think so. Again: the gateway solution should create OpenPGP/MIME emails,
which is the current standard.

The problem with GpgOL detecting the non-mime encrypted part in the body of the email is that there maybe relevant information before that body and we have no good way of showing this. So if there is an email with

  Some very interesting infos here.

  -----BEGIN PGP MESSAGE-----
  ...

The “Some very interesting infos here.” line would be lost, which is a usability problem.
And there are many other variants how some products encrypt emails. While there is a standards for a reason.

Regards,
Bernhard

anon61628024 · June 22, 2021, 8:36am

What’s your suggestion to fix the problem? remove the banner?

bernhard · June 22, 2021, 9:16am

If possible switch to OpenPGP/MIME.
Else try removing the banner.

anon61628024 · June 22, 2021, 9:28am

where should I swap on openpgp/mime? on the customer side?

anon61628024 · June 22, 2021, 12:04pm

The problem was fixed by removing the banner, thanks for your support

bernhard · June 22, 2021, 12:52pm

Good! You are welcome!