Re: [Tails-dev] [Tails-support] PGP MIME is insecure (for me…

Delete this message

Reply to this message
Author: sajolida
Date:  
To: The Tails public development discussion list
Subject: Re: [Tails-dev] [Tails-support] PGP MIME is insecure (for me)
Jeff Anderson:
> === quote ===
> Brian Morrison 2014-07-15 17:14:27 CEST
>
> The way to fix this is to create a local MH mailbox on your machine
> and point the sent and queue (and any others you want) to that local
> mailbox. Then your encrypted mail will not be stored on the IMAP server.
>
> === end quote ===
>
> This worked very well and was easy to setup. It allows you to continue to
> use "MIME" instead of "inline" PGP with claws, and stores the Drafts or
> Queue/Outbox messages locally.


This reminds me of
https://tails.boum.org/doc/first_steps/persistence/configure#index5h2
but I'm not sure whether this warning is complete correct and could be
improved.

I know that BitingBird has been working on the email client
documentation, see #7694): https://labs.riseup.net/code/issues/7694

So maybe now is the time to improve on this. The current development
draft is accessible on
https://git-tails.immerda.ch/tails/tree/wiki/src/doc/anonymous_internet/claws_mail.mdwn?h=doc/7694-email_client

> I spoke with someone at claws and they told me that this is a known issue.


Is it well documented on their side?

> It has something to do with the fact that once you encrypt a message for
> the receiving party, you may not be able to decrypt it yourself. A message
> in the 'drafts' folder is incomplete by definition and may need to be
> re-opened by the sender in plaintext to make adjustments. So the message
> cannot be fully encrypted while in the draft section.


A usual trick to prevent this is to encrypt messages for yourself as
well as for the receiver. Is there any option for that in Claws maybe?

> Anyhow, the best solution is to create a local mail folder and redirect
> drafts and queued messages to this. It may be a good idea to mention this
> somewhere in the Tails docs, as I think most users of Tails will probably
> want their emails to be encrypted prior to leaving their local box.