Image is missing from PGPexch.htm.pgp

Hi acme,

the src="cid:... is an embedded image, as least this is what I’ve found when searching the web and a related RFC is https://www.rfc-editor.org/rfc/inline-errata/rfc2392.html .

To make the image seen (manually), you’d need to find the image data in the email, decode and safe it to disk and then change the src part in the HTML to point to this file.

I don’t know where it is either, you could try to look for image001.png or 01D6FBC0
in the mail or saved attachments, even within the HTML file.

Sorry to not be of more help.

Best,
Bernhard

Hi Bernhard,

I really appreciate what you have done.
I searched all places I can imagine but still failed to find the image.
I am giving it up.

Hope someone in the future can help me or I may turn to GPG4o or Symantec Desktop.
In fact, I have tried GPG4o trial version and it just works fine.
Symantec Desktop is doing well too (because I always call help to my colleague, a Symantec user, to forward the decrypted mail to me)

Thank you again~
Acme

Hi Acme,

hopefully in the future, your recipient will switch to sending a standard format.
(As the format used will not be parsed by other crypto clients as well.)

The next step of debugging would be, if you could get an email from your recipient encrypted to us, so we can at least search for the structure. But has you wrote, your recipient is not cooperating with you, so it is probably not an option.

Best Regards,
Bernhard

Hi Bernhard,

Is the standard format you are talking about “OpenPGP/MIME format”?

I am wondering if I did anything wrong on the configuration of GpgOL.
The GpgOL on my outlook is version 2.4.8.
All configurations are unchanged with default value.

I just noticed that the check box of “Enable the S/MIME support” is unchecked.
Should I enable it? I am not sure whether it is related to encryption (send email) or decryption (receive email) or both?

Also there is another option “Send OpenPGP mails without attachments as PGP/Inline” which is also unchecked.
This looks like exactly what I want from my recipient.
Otherwise their emails are always decrypted in plain text with a encrypted attachment.

OK, I just enable the S/MIME support and nothing changed. Is the option applied to the emails which are downloaded from the mail exchange server to my local disk already?
Or maybe this option has nothing to do with the missing image of the decrypted email.

Regarding the next step of the debugging, I am a bit confused about the request.
Do you want me to send you an encrypted email which is sent by my recipient?
Or do you want me to send you an email which is decrypted by my local GpgOL where the image is missing? I think I can not do that either way since the mail is quite confidential (that’s why they are encrypted). I think I could locally use proper editor to show you the structure you mentioned. Do you think it makes sense?

Thanks,
Acme

Hi Acme,

regarding the format: Yes, “OpenPGP/MIME” is the standard format your sender should be using. (Your settings were default and good, please do not change them.) (I mixed up “sender” and “recipient” partly in my last message, sorry for the confusion.)

Because the existence of an attachment called “PGPexch.htm.pgp” means that the sender
did not use “OpenPGP/MIME”.

Regarding further debugging:
To where the image would be in the data and if it is there at all, we would need to have a test email which is encrypted to us, with the same structure. (Of course with only non-sensitive data, this is why I wrote it would mean to ask your sender to send such an email with the same configuration to a different address, which is unlikely).

Best,
Bernhard

Hi Bernhard,

For debugging, do I also need your public key so that you could decrypt it?
I am thinking to ask my colleague to help me reproduce the problem with Symantec Desktop which I guess the sender is using.
(My colleague is lucky to have the last Symantec license in my office…)

Thanks,
Acme

Hi Acme,

yes, you’d need to encrypt to me (or Andre) or one of the test key pairs, where both the public and the secret key is available for everyone to decrypt, e.g. https://wiki.gnupg.org/SampleKeys

(You’ll find my public key here https://intevation.de/~bernhard/bernhard_gpgkey.asc
or via WKD: :slight_smile:

Best,
Bernhard

Hi Bernhard,

I can access sample key and your public key, no problem.

But there has been a three days holiday in my country.
I will get back to you when I could reproduce the problem ASAP.

BTW, would you please give me your email address again?

Thanks,
Acme

Hi,

no hurry.

BTW: If the email was encrypted with the sample key, you could publish it
in mbox format (if you can get it this way, raw format).

Anyway, for my contact data, see https://intevation.de/~bernhard/index.en.html

Best,
Bernhard

Hi Bernhard,

My colleague and I just reproduce the issue with Symantec Desktop.
I decide to use Alice’s public key (from https://wiki.gnupg.org/SampleKeys) and send the encrypted email to Alice (alice@gpg4win.de).

I hope it will also work for you.

BTW, before we proceed, I would like to make sure the GPG4win is totally free to use even we plan to use it for business. Is my understanding correct?
Any illegal usage of a software is not allowed in my company. :slight_smile:

Thanks,
Acme

Hi Acme,

using the sample key and sending it to alice@gpg4win.de should work for me.

All components in Gpg4win are “Free Software” (from the meaning of “liberty”) and you
can use the common version without mandatory fee.
For the precise legal terms, see https://www.gpg4win.de/license.html

  • We ask people to pay something volunteeringly, so we can keep this service and the maintenace up.
  • There are additional paid-for services, e.g. when you need Gpg4win for many work places and high or very high security setting, we recommend you check into the “GnuPPg VS-Desktop”, to ensure operating support, see https://gnupg.com/index.html

Again, summarized: Yes, you are allowed to use Gpg4win without fee for business use.

Best Regards,
Bernhard

Hi Bernhard,

Thank you for giving me a explicit summary in the end of your post!!
It is weird that my colleague and I can not send an encrypted email to Alice ( alice@gpg4win.de).

So I just tried to send you an email.
It seems the sending process is successful and no error message is shown this time.
I will ask my colleague to send you the test mail again later.

Thanks,
Acme

HI Acme,
your two testing emails arrived.
(For me to be able to encrypt back to you, I’d also need your public key, you could just attach them.)

The test mail I’ve got has two attachments:
Attachment1.pgp
PGPexch.htm.pgp

decrypting them both manually (not on windows), and then replacing
src=“cid:image001.png@01D7624C.32C3FAA0”
with
src=“./Attachment1”
I can see the HTML with the image.

So your problem is that you cannot see “Attachment1.pgp”? So you are
unable to save if from your GpgOL?

Best Regards,
Bernhard

Hi Bernhard,

Yes! I never get the file - “Attachment1.pgp”.
Is there any configuration in GpgOL I should check?

Thanks,
Acme

Hi Acme,

this maybe a problem specific to GpgOL when used with Exchange as mailtransport.
(As the attachment maybe stored and transported differently from exchange to outlook.)

Can you try the latest Gpg4win 3.1.16, if you haven’t done so far?

Can you enable debugging output and look for interesting entries,
see https://wiki.gnupg.org/TroubleShooting#Enable_GpgOL_debugging
(Only send the relevant parts to me and check that there is no sensitive data in there.)

Regards,
Bernhard

Hi Bernhard,

I just upgraded to 3.1.16 and nothing is changed.
The log file was sent to you by email.

I see messages showing the encrypted image “Attachment1.pgp” but I can not debug further.

20:40:21/3484/mapihelp.cpp:mapi_create_attach_table: message has 3 attachments
20:40:21/3484/DBG_OOM/mapihelp.cpp:mapi_create_attach_table:2595 AddRef on 00000243ae6f4be8
20:40:21/3484/DBG_OOM/mapihelp.cpp:mapi_create_attach_table:2595 AddRef on 00000243ae6f4e68
20:40:21/3484/DBG_OOM/mapihelp.cpp:mapi_create_attach_table:2595 AddRef on 00000243ae6f4fa8
20:40:21/3484/mapihelp.cpp:mapi_create_attach_table: attachment info:
20:40:21/3484/ 529093 mt=0 fname=Attachment1.pgp' ct=image/png’ ct_parms=(null)' method:1 20:40:21/3484/ 529125 mt=0 fname=PGPexch.htm.pgp’ ct=(null)' ct_parms=(null)’ method:1
20:40:21/3484/ 531173 mt=4 fname=GpgOL_original_OpenPGP_message.txt' ct=(null)’ ct_parms=`(null)’ method:1

Please let me know if you need more information.

Thanks,
Acme

Hi Acme,

thanks for the debugging infos, I’ve created a tickets for this as it is a potential defect in GpgOL:

https://dev.gnupg.org/T5493

Note that it may take 2-3 weeks until we can act on this (because it is vacation time here in the summer).

Until then, you could try to use a different email client, like claws for windows
to access your exchange via IMAP and get the email in a more complete way as a
workaround. It is not very comfortable, but just in case you needed it urgently.
(Please still be aware that senders should better switch to OpenPGP/MIME and that opening HTML files can be a security problem.)

Best Regards,
Bernhard

Hi Bernhard,

I really really really appreciate what you have done!!
And thank you for the prompt response all the time.

If you need someone to give the fix a try, please let me know.
(In case I may not visit this webpage for a while, you can find me by personal email).

Thank you for also providing a workaround before the problem is fixed. I’ve learned something from you for being considerate on this topic.

(If I really need the complete decrypted email with images embedded, I will ask my colleague who has the last Symantec license to forward the decrypted mail to me.
I believe I will not bother him frequently within those weeks.)

Thanks,
Acme

Hi Acme,

you are welcome!

And I thank you as well, as we need people that help us understand where Gpg4win can be made better. (Our goal of course is to allow communication and be compatible, if we can.)!

(Take note that our work is partly funded by those who chose to pay/donate for Gpg4win.)

Best Regards,
Bernhard

Hi Bernhard,

Totally understood.
As a first step, I will suggest more people in my company to use GPG4win.
The more people using it, the higher possibilities the company will choose to pay/donate for GPG4win.

Thanks,
Acme