Can't decrypt message received in Outlook 2016

Hi, my colleague just figured out, why one cannot copy the body of an (with a former version of GPG4Win/GPGol) encrypted mail and decrypt it via Kleopatra and clipboard: There is no real line break between “Version: GnuPG v2” and the encrypted content: Once you hit enter between the lines the content can be decrypted - we suspect it is the same behaviour as with the plugin.

Best,
Carsten

Hi Carsten,
thanks for help to analyse the issue!

As towards the updating: Overall it is important that software can be updated.
We have fixed a number of smaller and larger defects, some security relevant
with the minor releases of Ggpg4win. So an update is the first options for several reasons.
I agree that there are circumstances where an update cannot just be done, though.

Your case seems to be slightly different that Jorge’s as he reported that using the clipboard as a fallback works.

As for line-endings, please note that Outlook as an option to hide some line-endings, are you sure that you have disabled this option when checking the issue?
(As for diagnosing problems: it is quite difficult to see a raw email message that Outlook has gotten from Exchange or and IMAP server. What kind of transport are you using?)

The messages in your local (pst-Storage) are different from the messages send over the wire.

Best Regards,
Bernhard

OK guys I just confirmed the line brake issue. This is correct if the message came in as HTML (there is no real line brake), Kleopatra will not even give the option to decrypt from the keyboard. However, if the message came in as plain text it works fine.

Hi Bernhard,
We’ve been doing some testing and here are the results (my partner still in 2.2.5 and I’m in 3.0):
Changed his setting to send in plain text but my 3.0 plug-in still doesn’t recognize the message as encrypted. The header shows MIME-Version: 1.0
I can copy to clipboard and use Kleopatra to decrypt it without issue though.
If he sends a message as an attachment, right clicking on the attachment brings the option to derypt and this works fine.
Set my outbound to “Send OpenPGP mails without attachments as PGP/Inline” as suggested but he still receives the message as an attachment although he can save it and decrypt it.
Hope this helps to give you a better picture of what’s going on.
As somebody else said please understand that we can’t ask our clients to upgrade.

Hi Bernhard,

you might now realize that Jorge and I have the exact same problem. We are using Outlook 2016 with Exchange, Transport is RPC/TCP. Would be great of you to consider this a bug, because of it’s major impact.

Best,
Carsten

PS: Bernhard, gerne stehe ich ab KW43 als Sparringspartner in der Sache bereit: Ihr habt eine tolle Software, die aktuelle Situation ist aber sehr problematisch für uns.

Hi Jorge,

thanks for your testing. This is helpful because there are so many
real world settings out there, that our testing cannot cover all cases!

Can you send me encrypted emails from your partner that are encrypted
to you and to me (see bottom of http://intevation.de/~bernhard/index.en.html
for my pubkey and email address).

2.2.5 ist old, though, what is the reason your communication partner cannot upgrade?
(I’m just interested to learn about this, 2.2.5 may have defects, the new GpgOL ist much better.)

Best Regards,
Bernhard

Hi Carsten,
[I’m sticking to Englisch in this Forum as courtesy to the other readers]!

Again thanks for reporting!
We are taking all feedback seriously, because know that there may be
defects hidden somewhere (all software has them).
User feedback has let to a number of very important improvements
during the beta and release-candidate phases. Gpg4win 3.0.0 is a big
step forward, so even with testing and pre-release phases, there will
be some problems left.)

To restate your problem description:
a) You are getting emails from someone you cannot decrypt.
What do you know about the senders (computer settings)?
Gpg4win 2.3.2? Outlook 2016 (or Office365)? Send via Exchange or SMTP to
their server?

 You are trying to decrypt it with Gpg4win 3.0.0 Outlook 2016 Windows?

b) You cannot decrypt emails in your storage.
Only emails you have send? Send with which version?

Best Regards,
Bernhard

From: Bernhard Reiter

Hi Carsten,
[I’m sticking to Englisch in this Forum as courtesy to the other readers]!
[CD] Fine.

Again thanks for reporting!
We are taking all feedback seriously, because know that there may be defects hidden somewhere (all software has them).
User feedback has let to a number of very important improvements during the beta and release-candidate phases. Gpg4win 3.0.0 is a big step forward, so even with testing and pre-release phases, there will be some problems left.)
[CD] Excellent, thank you.

To restate your problem description:
a) You are getting emails from someone you cannot decrypt[CD] .
[CD] As I mentioned, also my very own ones.

What do you know about the senders (computer settings)? Gpg4win 2.3.2? Outlook 2016 (or Office365)?
[CD] Gpg4win 2.3.2 and Outlook 2016 (not Office365)

Send via Exchange or SMTP to their server?
[CD] Exchange via RPC/TCP

You are trying to decrypt it with Gpg4win 3.0.0 Outlook 2016 Windows?
[CD] Exactly

b) You cannot decrypt emails in your storage.
[CD] Storage or .pst , doesn’t matter!

Only emails you have send? Send with which version?
[CD] No, all encrypted mails I have send or received with Gpg4win 2.3.2 (and very probably older versions) and Outlook 2016 (and very probably older versions).

Best Regards,
Bernhard

PS: Will be available and answering again from the 23th of October on.

Dear Carsten,

if Gpg4win 3.0.0 gives you problems detecting emails to decrypt,
please stick with 2.3.4 for now until we can test, reproduce and remedy the issues.

Technically your emails are probably not lost, they are just not detected as crypto emails.

Thanks for your offer to help us as a testing partner.

Best Regards,
Bernhard

Hi Bernhard,
I’m preparing the requested test and will send a bit later today.

Re your comment about the 2.2.5 version the reason we keep using it is because it works fine. It’s attached to Outlook and the Add-in shows in the ribbon. I can’t say the same when I tried to install 2.3.2 or 2.3.4 in other machines, the Add-in shows as enabled in Outlook but there is no way that it will show in the ribbon. I tried several different approaches but it doesn’t work (installed GPG4win running it as an admin, repaired MS Office, re-installed MS Office). However we have 2.3.2 installed and working in other machines. I’m assuming this must have something to do with some Outlook -aka Microsoft Office- update or even the Windows 10 version/build (In one of the machines running 2.3.2 the Add-in disables itself so you have to re-enable it which lasts until you re-start Outlook, and this started a few days ago). So I took the old approach: “If it’s working don’t fix it” .
Hope this helps
Regards

Jorge

Hi Bernhard,

We continued testing and uncovered a major issue in 3.0 .It is possible to send a message that is not encrypted even if you clicked in the encrypt button in Outlook. The software will send the message unencrypted without any warning! This is unacceptable. We should get a message indicating that the encryption failed and Outlook should not send it!. I investigated and found out that in settings the box “send encrypted messages by default” was checked. Maybe this was the reason for the behavior. I unchecked it and the encryption worked. However, there should be no way to send a message without encryption when I clicked on encrypt. This is extremely worrisome, we can’t use the software without a fix for this.

Hi Jorge,

Can you state how exactly you managed it to send an unencrypted EMail, even when you clicked the encryption option, so we can recreate this, file a bug report and fix it?

Best wishes,
Jochen

Hi Jochen,

I created the message, then clicked the secure button, got the pull down, clicked encrypt, and pressed send. There was no pop up requesting to confirm sender and receiver, the message was sent unencrypted. Please note my explanation in my previous message regarding the GpgOL settings where I mentioned that the box “Encrypt new messages by default” was checked (maybe two simultaneous requests to encrypt created the issue?). When I unchecked that box messages were sent encrypted again. However, as I mentioned before, no situation should permit sending an unencrypted message without a warning when I intended to encrypt it. Additionally, I believe GpgOL settings should not be accessible to a regular user. Hope this helps to clarify
Regards

I have the same problem, Outlook 2016, gpg4win 3.0.1. A user is sending from a 2.x version of gpg4win, and the inline message is not decrypted.

I think I may have found the problem. I took the content of the inline email, and created a text file, tried to decrypt it, but it didn’t work. Tried the decrypt from the Clipboard, and the option was greyed out.

Then I deleted the “Version: xxx” line on the file, and I could decrypt the message without problems. And also I could decrypt right out of the Clipboard.

Maybe this will offer a clue?

Please let me know if you are able to find out a fix to this.

Best regards,

Luis Carlos

Hi Jorge,

can you retest with Gpg4win 3.0.1, we have fixed a number of defects
including some that will have the effects you have been reporting!

Thanks again for reporting!
Best Regards,
Bernhard

Hi Luis,

thanks for your observations!

We will see if this helps us the reproduce the remaining issues.
As there are several possible causes why Gpg4win may not decrypt
a received message, I guess we should try to open new discussion threads
that are more specific. :slight_smile:

Best Regards,
Bernhard

Hi,

this sounds like a problem we have already reported in the Issue tracker ( https://dev.gnupg.org/T3419 ) it appears that GpgOL might not detect some Inline PGP Mails.

There are some valuable hints there (linebreak etc) in this issue which might help to reproduce the problem. We have this on high priority and want to fix it / make it more robust for the next release.

Thanks,
Andre

I did some experiments with HTML Mails, Leading Text, Trailing Text etc. Everything worked fine for me.
If you could attach a problematic mail (saved with Save As in outlook or better yet with another client as an .mbox file) it might help me to see the problem. I don’t have to be able to decrypt that message.

Thanks

One user sent me mails through which I could reproduce and fix the problem (see https://dev.gnupg.org/T3419 )

An updated gpgol.dll (at least 2.0.4-beta13) is available under https://files.gpg4win.org/Beta/gpgol/

Thanks for your patience and if you still experience problems with that version please let us know. Outlook always has some surprises in store :wink: