2 title: email - towards a less terrible setup
6 # **prelude - the used presentation toolchain**
8 ## *how to make presentations easier, faster and more awesome in general*
11 * patat (uses pandoc to convert from $WHATEVER to terminal-presentation)
12 + https://github.com/jaspervdj/patat
13 * mdp (uses a specific markdown-flavour for terminal-presentation)
14 + https://github.com/visit1985/mdp
15 * tpp (uses a own dialect, more control over presentation)
16 + https://github.com/cbbrowne/tpp
17 * hovercraft (converts reStructuredText to impress.js, needs the GUI)
18 + https://regebro.github.io/hovercraft/
21 ### Chosen presentation software
23 <!-- :.!man patat | head -n 26 -->
26 patat - Presentations Atop The ANSI Terminal
29 patat [*options*] file
33 * Next slide: space, enter, l, →, PageDown
34 * Previous slide: backspace, h, ←, PageUp
35 * Go forward 10 slides: j, ↓
36 * Go backward 10 slides: k, ↑
51 ## *whoami and why that setup*
54 ## *howto $WHATEVER -> maildir*
57 ## *access online folders*
72 ## *notmuch or mu (maildir-utils) or mairix*
86 # **whoami and why that setup**
90 * used different (non-linux) os
91 * restrictive environments (cannot install software)
92 * multiple languages (use of many non-ASCII-characters)
94 * used different email-clients
95 * webmail with saved messages
97 * single messages (.msg)
98 * message archives (.pst)
100 * single messages (.eml)
101 * message archives (.mbox)
105 having an email-setup, which fulfills the following demands
107 * not lose any data (although being old)
108 * convert everything in a common file format
109 * use the same data structure for in-use emails and archived emails
110 * be able to perform incremental backups
111 * no risk of vendor-lock-in (use only FLOSS-tools in Debian-main-repositories)
112 * separation between configuration and email-data
113 * not resource-intensive while fast
114 * being able to handle > 100K of messages
116 * if possible: CLI/TUI-tools
118 *solution: in a first step, convert legacy messages to maildir*
126 # **howto $WHATEVER -> maildir**
131 detox - replace problematic characters in filenames
135 * -r recurse to subdirectories
138 ## *msgconvert (libemail-outlook-message-perl)*
140 libemail-outlook-message-perl - module for reading Outlook .msg files
144 CAVE: msgconvert converts messages by default into .eml-files
147 ## *Mozilla Thunderbird (thunderbird)*
149 thunderbird: cross platform standalone mail application
152 start GUI -> install add-on ImportExportTools NG
153 right click on folder -> ImportExportTools NG -> "Import messages from directory (including subdirectories)" -> choose directory with .eml-files
154 right click on folder -> ImportExportTools NG -> "Export folder with subfolders (with structure)" -> choose directory for creating .mbox-file(s)
156 CAVE: thunderbird stores messages by default in the .mbox-format, so exporting is strictly speaking not needed
157 CAVE: ugly, better toolchain needed (currently just workaround)
160 *current status: all messages converted from .msg/.eml to .mbox-files*
168 # **howto $WHATEVER -> maildir**
171 ## *readpst (pst-utils)*
173 pst-utils: tools for reading Microsoft Outlook PST files
177 * -8 output email bodies as UTF-8 instead of the original format
179 CAVE: readpst converts messages by default into .mbox-files
185 mb2md — Converts Mbox mailboxes to Maildir format
187 `$ mb2md -s $HOME/emails/sourcedir/ -R -d $HOME/emails/destdir/`
193 CAVE: mb2md does *NOT!* use relative paths from pwd, but from $HOME!
196 ## *jdupes or fdupes*
198 jdupes - identify and delete or link duplicate files
199 fdupes - identifies duplicate files within given directories (old)
201 `$ jdupes -rdN FOLDER`
203 * -r recurse to subdirectories
204 * -d delete duplicate files
205 * -N don't ask (noprompt)
207 CAVE: this will *DELETE!* the duplicate files, pause and think before executing this command!
210 *current status: all messages in maildir-format, deduplicated (if hashes were identical)*
220 *The GNOME foundation got sued by a patenet troll (Rothschild Patent Imaging, LLC) for using 'technology to transfer images'.*
223 * https://itsfoss.com/shotwell-lawsuit/
224 * https://www.patentprogress.org/2019/09/26/mythical-troll-attacks-gnome/
225 * https://www.pro-linux.de/news/1/27473/patentklage-gegen-gnome-foundation.html
226 * https://www.golem.de/news/shotwell-patenttroll-verklagt-gnome-foundation-wegen-fotoverwaltung-1909-144089-rss.html
227 * https://www.zdnet.com/article/leave-gnome-alone-this-patent-troll-is-asking-for-trouble/
228 * http://techrights.org/2019/09/25/microsoft-patent-troll-intellectual-ventures-gnome/
230 According to the techrights.org-source, Rothschild Patent Imaging, LLC, is connected to Microsoft
237 # **access online folders (using openssl)**
240 openssl - Secure Sockets Layer toolkit
243 *connect to the mail-server*
244 `$ openssl s_client -connect mail.example.com:993 -crlf`
246 * -crlf translates a line feed from the terminal into CR+LF as required by some servers
250 > 1 LOGIN MYUSERNAME MYPASSWORDINPLAINTEXT
253 `$ echo 'MYUSERNAMEMYUSERNAMEMYPASSWORDINPLAINTEXT' | base64`
254 cave: <return> has to be deleted, therefore this doesn't work currently as expected
256 to test the encoding use
257 `$ echo 'StringFromAbove' | base64 -d`
259 `> 1 AUTHENTICATE PLAIN StringFromAbove`
262 *list the name of all folders within the account*
265 <!-- cave: escape-character before '*' -->
268 *select a folder (e.g. inbox) to test if it works*
275 ## *troubleshoot the connection to each mail server in advance*
277 *take note of the configuration details for the later steps*
278 * user names (with or without the addition of ...@example.com?)
279 * used ports (hopefully 993)
280 * names of folder (Sent or Inbox.Sent or something else?)
283 *current status: all accounts are accessable online using openssl*
293 ## *general information*
296 alpine - text-based email client, friendly for novices but powerful
299 for creating debug-information use
301 alpine does *NOT!* store any credential information in its logs
303 configuration is done in-program and stored in $HOME/.pinerc
305 configuration is done using shortcuts (case-insensitive) or TUI
307 information available at *http://alpine.x10host.com/*
308 the latest release is available at *http://alpine.x10host.com/alpine/release/*
309 the latest development version at *https://repo.or.cz/alpine.git*
311 *the current developer and maintainer of alpine, __Eduardo Chappa__ (alpine.chappa@yandex.com or chappa@vfemail.net), is __extremely helpful__!*
314 ## *base configuration*
317 to add a collection list (aka folder):
318 *M* (main menu) - *S* (setup) - *L* (collectionLists) - *A* (add collection list)
320 to add a role (aka account details):
321 *M* - *S* - *R* (rules) - *R* (roles) - *A* (add)
323 nano ('pico') is the default editor
324 available commands are displayed below ('nano-style')
326 exemplary imap-access: *{mail.example.com/ssl/user=MY_USER_NAME}INBOX*
327 exemplary Fcc (sent): *{mail.example.com/ssl/user=MY_USER_NAME}INBOX.Sent*
328 exemplary smtp-access: *smtp.example.com/ssl/user=MY_USER_NAME*
330 multiple accounts can be created using the above mentioned scheme
343 the addressbook is located in *$HOME/.addressbook*
345 to convert from abook to alpine-addressbook use
346 `$ abook --convert --infile $HOME/.abook/addressbook --outformat pine | sed 's/,.*//' | sed 's/(//' > ~/.addressbook`
347 (the sed-command is needed if multiple email-addresses per name are stored)
350 ## *using ~/.pine\_passfile and ~/.alpine-smime/.pwd*
351 <!-- cave: escape-character before '_' -->
353 if compiled using `$ ./configure --with-passfile=$HOME/.pine-passfile`, passwords can be stored in that file if it exists (default in debian)
355 to use this feature, `$ touch ~/.pine-passfile`
357 the passfile is encrypted using the *$HOME/.alpine-smime/.pwd/MasterPassword.key*
359 the key is a *2048 bit RSA key* (`$ openssl rsa -text -in ~/.alpine-smime/.pwd/MasterPassword.key`)
361 private email to maintainer and talking about the security of 2048 bit RSA keys he replied:
362 *"I am happy to change the encryption to a higher degreeof encryption. That is not a problem. I can search in openssl how to do that. Should be easy."*
363 it might also be possible to do this manually, but I haven't tried it yet
365 the .pine-passfile can be *decrypted using openssl* (`$ openssl smime -decrypt -inform pem -in ~/.pine-passfile -inkey ~/.alpine-smime/.pwd/MasterPassword.key`)
366 data is obfuscated after encryption (this was the only security measure until some years ago, so beware of old forum posts)
377 ## *issues with alpine*
380 * not as flexible as (neo)mutt
381 * should be used as intended (cannot be completely re-configured)
382 * not as sexy (less perceived users, therefore less information online)
383 * if the email-server is not configured correctly, problems might arise
386 ## *why should anybody use alpine?*
388 if you want a TUI-based email program, consider alpine!
390 * very fast to set up
391 + `$ sudo apt-get install alpine && alpine`
392 * relatively easy to configure
393 + the configuration can be performed from within alpine
394 + general behaviour can be changed
395 + GPG-key-interaction and signatures can be used
396 + the editor can be changed
397 + additional customization (e.g. colors) can be used
398 * stores everything in one configuration file ($HOME/.pinerc)
399 + therefore easy to deploy
400 * the maintainer is awesome
404 *current status: ability to use a TUI email-client for reading and sending email*
412 isync - IMAP and MailDir mailbox synchronizer
413 the binary is called *mbsync*
415 alternative software - offlineimap
417 ## *configuration of mbsync using `$ touch $HOME/.mbsyncrc`*
420 Host mail.example.org
421 User #CAVE: SEE BELOW
422 PassCmd #CAVE: SEE BELOW
423 SSLType IMAPS # use secure IMAP
425 CertificateFile /etc/ssl/certs/ca-certificates.crt
431 for *User* use the username as found by the *openssl s\_client*-command
433 <!-- cave: escape-character before '_' -->
435 PassCmd "gpg2 --decrypt --no-tty --quiet --no-verbose --for-your-eyes-only --pinentry-mode cancel ~/.password-store/email/TEST.gpg | head -n 1"
437 * --pinentry-mode cancel do not ask for passwords, just cancel
439 this setup can only be used together with a gpg-agent
441 this setup requires a file being stored in *$HOME/.password-store*, as this is done using *pass*
454 ## *add information on remote and local folders*
457 # ### Remote storage -------------------
459 IMAPStore TEST-remote
463 # ### Local storage --------------------
465 MaildirStore TEST-local
468 Path ~/SOMEWHERE/TEST/
469 # CAVE: The trailing "/" under 'Path' is important
471 #Inbox ~/SOMEWHERE/TEST/inbox
472 # CAVE: the name of the 'inbox' conflicts with the channel slave name!
473 # use this only, of no channels are used
481 ## *add information on the inbox-channel (remote and local folders)*
485 Master :TEST-remote:"INBOX"
486 Slave :TEST-local:inbox
489 # Automatically create missing mailboxes, both locally and on the server
492 # Automatically delete messages if deleted in other folder
495 # Save the synchronization state files in the relevant directory
498 # Don't download any email greater than this
501 # Will copy all the account as specified at under remote
504 #Patterns !* "INBOX*" "Sent*"
505 # Exclude everything except the folders mentioned
507 for remote foldernames use the names as found by the *openssl s\_client*-command
509 <!-- cave: escape-character before '_' -->
516 ## *add information on additional channels*
519 Master :TEST-remote:"Sent"
520 Slave :TEST-local:sent
528 Master :TEST-remote:"Draft"
529 Slave :TEST-local:draft
537 for remote foldernames use the names as found by the *openssl s\_client*-command
539 <!-- cave: escape-character before '_' -->
541 ## *group the channels into a single entity*
544 # Get all the channels together into a group.
559 test and debug a specific group or channel
563 synchronize messages of all groups
567 ## *synchronize messages automatically (as an alternative to cron-jobs)*
570 `$ touch $HOME/.config/systemd/user/mbsync.service`
573 Description=Manual mailbox synchronization service
577 ExecStart=/bin/sh -c '/usr/bin/torsocks /usr/bin/mbsync -aq'
578 ExecStartPost=ProgramToIndexMessages
581 `$ touch HOME/.config/systemd/user/mbsync.timer`
584 Description=Manual mailbox synchronization timer
592 WantedBy=timers.target
594 `$ systemctl start --user mbsync.timer`
595 `$ systemctl enable --user mbsync.timer`
596 `$ systemctl status --user mbsync.timer`
599 *current status: new messages get automatically synchronized to my computer*
609 *Lennart Poettering wants to take away your home directory*
612 Let's bring the UNIX concept of Home Directories into the 21st century. The
613 concept of home directories on Linux/UNIX has little changed in the last 39
614 years. It's time to have a closer look, and bring them up to today's standards,
615 regarding encryption, storage, authentication, user records, and more. In this
616 talk we'll talk about "systemd-homed", a new component for systemd, that
617 reworks how we do home directories on Linux, adds strong encryption that makes
618 sense, supports automatic enumeration and hot-plugged home directories and
623 https://www.theregister.co.uk/2019/09/25/systemd\_inventor\_home\_directories/
624 https://cfp.all-systems-go.io/ASG2019/talk/VSQRXA/
625 https://cdn.media.ccc.de/events/all\_systems\_go/2019/h264-hd/asg2019-164-eng-Reinventing\_Home\_Directories\_hd.mp4
627 <!-- cave: escape-character before '_' -->
634 msmtp - light SMTP client with support for server profiles
636 *configuration of msmtp using `$ touch $HOME/.msmtprc`*
638 ## *general options for all accounts*
640 # Set default values for all following accounts.
643 # Port 465 is designed for required ("implicit") TLS-encryption.
644 # Mail submission port 587 is used for STARTTLS,
645 # port 25 is used for unencrypted communication.
646 # The protocol is smtp (smtps is not an option available, the alternative is lmtp)
650 # Keep a logfile for later evaluation
651 #logfile ~/.mail/msmtp.log
654 # Enable or disable automatic envelope-from addresses. The default is off.
655 # The domain part can be set with the maildomain command.
656 # cave: the user-part will be as the login-name on the computer!
657 # not usable for emails to be send non-locally!
660 if you want to send messages via tor, use the following
662 # Use tor as a proxy (needs tor and tls on)
668 * tor with SocksPort bound to 9050 (defined in $HOME/.torrc)
674 ## *options concerning tls for all accounts*
679 # STARTTLS turns a previously unencrypted session into an encrypted one
680 # This is by far not as secure as using an encrypted session from the beginning!
681 # Therefore TLS is turned on while STARTTLS is turned off.
682 # Recommendation: if you don't need STARTTLS, then TURN IT OFF!
685 # Set a list of trusted CAs for TLS. You can use a system-wide default file,
686 # as in this example, or download the root certificate of your CA and use that.
687 # If accounts without tls_trust_file are used, this command should be in each accout!
688 #tls_trust_file /etc/ssl/certs/ca-certificates.crt
690 # Additionally, you should use the tls_crl_file command to check for
691 # revoked certificates, but unfortunately getting revocation lists
692 # and keeping them up to date is not straightforward.
693 #tls_crl_file ~/.tls-crls
703 ## *account-specific options*
707 host smtp.example.com
708 from username@example.com
710 user #CAVE: SEE BELOW
712 passwordeval #CAVE: SEE BELOW
714 #port 587 # if needed
716 #tls_starttls on # if needed
717 tls_fingerprint #CAVE: SEE BELOW
718 tls_trust_file /etc/ssl/certs/ca-certificates.crt
722 for *User* use the username as found by the *openssl s\_client*-command
724 <!-- cave: escape-character before '_' -->
726 use *pass* or *gpg* for decrypting the password
727 passwordeval "pass show TEST | head -1"
728 passwordeval "gpg2 --decrypt --no-tty --quiet --no-verbose --for-your-eyes-only $HOME/SOMEWHERE/TEST.gpg | head -1"
730 find tsl\_fingerprint using the following command
731 `$ openssl s_client -connect SMTP_SERVER:587 -starttls smtp </dev/null 2>/dev/null | openssl x509 -fingerprint -noout | cut -d'=' -f2`
732 `$ openssl s_client -connect SMTP_SERVER:465 </dev/null 2>/dev/null | openssl x509 -fingerprint -noout | cut -d'=' -f2`
733 change accordingly, if *starttls* is used
735 output: e.g. 01:23:45:67:89:AB:CD:EF:BA:DC:0F:FE:E0:DD:F0:0D:DE:AD:BE:EF
740 `$ echo "Subject Test" | msmtp some_other_account@example.com -a TEST`
749 neomutt - text-based mailreader supporting MIME, GPG, PGP and threading
752 ## *account configuration*
754 set realname = "some name"
755 set from = "myusername@example.com"
758 my_hdr From: some name <myusername@example.com>
760 set signature = "~/SOMEWHERE/signature.txt"
763 set pgp_default_key = "DEADBEEF"
764 set pgp_sign_as = "BADC0FFE"
765 # use long keys or fingerprints if possible
772 set spoolfile = "imaps://myusername@example.com@example.com:993/INBOX"
773 set record = "imaps://myusername@example.com@example.com:993/Sent"
774 set postponed = "imaps://myusername@example.com@example.com:993/Drafts"
776 # disabeled online trash folder, so that only local trash folder will be used
777 #set trash = "imaps://myusername@example.com@example.com:993/Trash"
779 # When using only one folder, everything can be addressed relatively
780 #set spoolfile = "+INBOX"
781 #set record = "+Sent"
782 #set postponed = "+Drafts"
783 #set trash = "+Trash"
785 # mailbox definitions are either performed here or in a separate sidebar
786 #mailboxes =INBOX =Sent =Trash =Drafts =Junk
794 ## *debugging neomutt*
798 **CAVE: neomutt INCLUDES the CREDENTIALS in the DEBUG-LOG!**
801 ## *use passwords within neomutt*
803 set smtp_url = "smtp://myusername@example.com@example.com:587"
804 #set smtp_pass = "`pass TEST`"
806 set folder = "imaps://myusername@example.com@example.com:993"
807 #set imap_pass = "`pass TEST`"
809 source "pass MUTT_TEST |" #CAVE: SEE BELOW
811 *source a password-file from within neomutt*
813 use a pipe ("|") after the file to read so that the content of the file gets executed
815 content of the password-file
817 set imap_pass="MYSUPERSECRETPASSWORD"
818 set smtp_pass="MYSUPERSECRETPASSWORD"
820 in addition add the following option to the .muttrc to disable the colon (':')
821 `bind generic,alias,attach,browser,editor,index,compose,pager,pgp,postpone ':' noop`
822 otherwise entering `:set ? imap_pass` or `:set ? smtp_pass` will reveal your password!
830 ## *account-specific sidebar-options*
832 use the sidebar for faster navigation between different accounts
836 virtual-mailboxes " ----- " "=separator"
837 virtual-mailboxes " search" "~/SOMEWHERE/search"
838 virtual-mailboxes " inbox " "imaps://myusername@example.com@example.com:993/INBOX"
839 virtual-mailboxes " sent " "imaps://myusername@example.com@example.com:993/Sent"
840 virtual-mailboxes " drafts" "imaps://myusername@example.com@example.com:993/Drafts"
841 virtual-mailboxes " trash " "imaps://myusername@example.com@example.com:993/Trash"
842 virtual-mailboxes " junk " "imaps://myusername@example.com@example.com:993/Junk"
845 if a `folder` is set, an abbreviated form can be used
847 virtual-mailboxes " something" "+INBOX"
854 ## *general options concerning the sidebar*
857 # Should the Sidebar be shown?
858 set sidebar_visible = yes
860 # How wide should the Sidebar be in screen columns?
861 set sidebar_width = 35
862 #set sidebar_indicator=green
864 # Should the mailbox paths be abbreviated?
865 set sidebar_short_path = yes
867 # When abbreviating mailbox path names, use any of these characters as path
868 # separators. Only the part after the last separators will be shown.
869 # For file folders '/' is good. For IMAP folders, often '.' is useful.
870 set sidebar_delim_chars = '/.'
872 # Make the Sidebar only display mailboxes that contain new, or flagged, mail.
873 set sidebar_new_mail_only = no
875 # When searching for mailboxes containing new mail, should the search wrap
876 # around when it reaches the end of the list?
877 set sidebar_next_new_wrap = no
879 # The character to use as the divider between the Sidebar and the other NeoMutt panels.
880 set sidebar_divider_char = ' | '
882 # Enable extended mailbox mode to calculate total, new, and flagged
883 # message counts for each mailbox.
887 bind index,pager B sidebar-toggle-visible
889 bind index,pager \Ck sidebar-prev
890 bind index,pager \Cj sidebar-next
891 bind index,pager \Cl sidebar-open
898 ## *design of the sidebar*
900 # Sort the mailboxes in the Sidebar using this method:
901 # count – total number of messages
902 # flagged – number of flagged messages
903 # new – number of new messages
904 # path – mailbox path
905 # unsorted– do not sort the mailboxes
906 set sidebar_sort_method = 'unsorted'
909 # Display the Sidebar mailboxes using this format string.
910 # additional informatino on https://neomutt.org/guide/reference.html#sidebar-format
912 # %B Name of the mailbox
913 # %S Size of mailbox (total number of messages)
914 # %F Number of Flagged messages in the mailbox
915 # %N Number of New messages in the mailbox
916 # %n If there's new mail, display “ N”, otherwise nothing
917 # %! “ !”: one flagged message;
918 “ !!”: two flagged messages;
919 “ n!”: n flagged messages (for n > 2). Otherwise prints nothing.
920 # %d Number of deleted messages
921 # %L Number of messages after limiting
922 # %t Number of tagged messages
923 # %>X Right justify the rest of the string and pad with “ X”
924 # %|X Pad to the end of the line with “ X”
925 # %*X Soft-fill with character “ X”as pad
927 # %?F? [%F]? If flagged emails [%F], otherwise nothing
930 set sidebar_format = "%B %?n?[N]&? %* [%?N?%N/?%S]"
939 setenv PINENTRY_USER_DATA curses
940 # In case of problems, change ~/.gnupg/ to include the line
941 # pinentry-program /usr/bin/pinentry-curses
943 # pinentry-program /usr/bin/pinentry-tty
946 # automatically enable PGP encryption/signing for messages (default = yes)
947 set crypt_autopgp = yes
949 # attempt to cryptographically sign outgoing messages (default = no)
950 set crypt_autosign = no
952 # attempt to PGP encrypt outgoing messages (default = no)
953 set crypt_autoencrypt = no
955 # enable S/MIME encryption/signing for messages (default = yes)
956 set crypt_autosmime = yes
959 # automatically PGP or OpenSSL sign replies to messages which are signed
961 set crypt_replysign = yes
963 # automatically PGP or OpenSSL encrypt replies to messages which are encrypted
965 set crypt_replyencrypt = yes
967 # automatically PGP or OpenSSL sign replies to messages which are encrypted
969 set crypt_replysignencrypted = yes
972 # attempt to verify PGP or S/MIME signatures (default = yes)
973 set crypt_verify_sig = yes
982 # include a time stamp in the lines surrounding PGP or S/MIME output, so spoofing
983 # such lines is more difficult. If you are using colors to mark these lines
984 # and rely on these, you may unset this setting. (default = yes)
985 set crypt_timestamp = yes
987 # display non-usable keys on the PGP key selection menu. This includes keys which
988 # have been revoked, have expired, or have been marked as "disabled" by the user.
989 set pgp_show_unusable = yes
991 # number of seconds after which a cached passphrase will expire if not used.
992 # is limited by the .gnupg/gpg-agent.conf - option 'max-cache-ttl'
993 set pgp_timeout = 600
995 # check the status file descriptor output of
996 # $pgp_decrypt_command
998 # $pgp_decode_command
999 # for GnuPG status codes indicating successful decryption. (default = yes)
1000 set pgp_check_gpg_decrypt_status_fd = yes
1002 # PGP signature is only considered verified if the output from
1003 # $pgp_verify_command
1004 # contains the text. (default = <empty>)
1005 set pgp_good_sign = "^gpg: Good signature from"
1007 # Save a copy of outgoing email, encrypted to yourself
1008 set pgp_self_encrypt = yes
1010 #set pgp_default_key = "PGP-KEY"
1011 #set pgp_sign_as = "PGP-SIGNING-KEY"
1013 # Save a copy of outgoing email, encrypted to yourself
1014 set smime_self_encrypt = yes
1015 set smime_is_default = no
1017 #set smime_default_key = "SMIME-KEY"
1018 #set smime_sign_as = "SMIME-SIGNING-KEY"
1025 ## *gpg-integration*
1028 set pgp_sign_command ="gpg \
1037 %?a?--local-user %a? %f"
1039 set pgp_encrypt_only_command = "/usr/lib/neomutt/pgpewrap \
1048 --recipient %r -- %f"
1050 set pgp_encrypt_sign_command = "/usr/lib/neomutt/pgpewrap \
1061 %?a?--local-user %a? -- \
1062 --recipient %r -- %f"
1064 CAVE: either put /usr/lib/neomutt in $PATH or explicitly use /usr/lib/neomutt/pgpewrap
1066 CAVE: more complicated config = more risk, that something is incorrectly configured!
1074 codecrypt - post-quantum encryption and signing tool
1075 *CAVE: software has not undergone a cryptographic audit*
1077 # This is a GnuPG-like Unix program for encryption and signing
1078 # that only uses quantum-resistant algorithms:
1079 # McEliece cryptosystem (compact QC-MDPC variant) for encryption.
1080 # Hash-based Merkle tree algorithm (FMTSeq variant) for digital signatures.
1083 # ccr basic command usage
1085 # Generate a strong(er) asymmetric encryption key
1086 $ ccr -g ENC-256 -N SOME_NAME
1088 # Export specified public key for sharing with contacts
1089 $ ccr -F SOME_NAME -ap > SOME_NAME.pub
1091 # Export specified private key. The -F parameter chooses the key to be used
1092 # To enumerate all keys in the keyring run ccr -k for public ones and ccr -K for private
1093 $ ccr -F SOME_NAME -aP > SOME_NAME_UNENCRYPTED
1095 # Back-up keys: It is easier to backup the ccr folder in the home directory,
1096 # changing its name from/to .ccr upon restore.
1097 # Enable hidden file view with alt + . to see it.
1100 # ccr key management
1102 # Import a public key.
1103 $ ccr -ai < [contactkey]
1105 # Import a private key.
1106 $ ccr -aI < [myprivatekey]
1108 # Encrypt a plaintext message file only to an already imported contact key.
1109 # Note this will be inaccessible to you. Save a plaintext copy for archival purposes.
1110 $ ccr -aer SOME_NAME -R secret > secret.ccr
1112 # Decrypt a ciphertext message creating plaintext output.
1113 $ ccr -adR secret.ccr > secret.new
1124 unalternative_order *
1125 alternative_order multipart/mixed multipart/related text/plain text/enriched text/html
1126 # define order how to view messages; multipart/* is needed for attachment forwarding
1129 # automatically convert text/html into plain text
1131 bind attach <return> view-mailcap
1132 # view attachments using 'v', then open in mailcap using 'm'
1134 mime_lookup application/octet-stream
1136 # Ask if the user wishes to abort sending if $abort_noattach_regex
1137 # is found in the body, but no attachments have been added
1139 # "yes" : always abort
1140 # "ask-yes" : ask whether to abort
1141 # "no" : send the mail
1142 set abort_noattach = ask-yes
1144 # Search for the following regular expression in the body of the email
1145 # English: attach, attached, attachment, attachments
1146 set abort_noattach_regex = "\\<attach(|ed|ments?)\\>"
1148 set abort_noattach_regex = "\\<(Anhang|anhängen|angehängt|anhang|anhänge|hängt an)\\>"
1150 set attach_format = " %u%D%I %t%2n %T%d%\* [%.15m/%.10M, %.8e%?C?, %.6C?, %.4s] "
1152 set mailcap_path = "~/.mutt/config/mutt_mailcap"
1153 # define link to filetypes-file
1163 this should be put into a separate file for mailcap
1166 # html-emails and other email-formats
1167 text/html; w3m -cols 80 -dump -T text/html '%s'; copiousoutput
1168 application/rtf; unrtf '%s' | html2text; copiousoutput
1172 application/pdf; pdftotext '%s' - ; print=zathura '%s'; copiousoutput
1176 application/vnd.openxmlformats-officedocument.wordprocessingml.document; docx2txt '%s' - | less; copiousoutput
1177 application/msword; antiword '%s'; copiousoutput
1179 application/vnd.openxmlformats-officedocument.spreadsheetml.sheet; vd '%s'; needsterminal
1180 application/vnd.ms-excel; vd '%s'; needsterminal
1182 application/vnd.ms-powerpoint; catppt '%s' | less; copiousoutput
1185 image/*; catimg '%s'; print=sxiv '%s'; needsterminal
1192 ## *additional options*
1195 set ispell = "aspell -e -c"
1196 # use aspell as spellchecker
1198 set thorough_search = yes
1201 macro index,pager \ea "<pipe-message>abook \
1202 --add-email<return>" "Add this sender to abook"
1204 bind editor <Tab> complete-query
1207 additional options depending of the indexing-utility used
1210 set query_command = "( abook --mutt-query '%s' ; \
1211 mu cfind --format=mutt-ab '%s' | sed -n '1!p' )"
1216 # **mu (maildir-utils) or notmuch or mairix**
1218 first create an index database
1221 `$ mu index --maildir=/SOMEFOLDER`
1223 for mairix the configuration file has to be created manually (using $HOME/.mairixrc)
1226 create symbolic links to a specific folder to be opened in neomutt
1229 # searching messages
1230 macro generic,index,pager,browser <Fx> "<shell-escape>mu \
1233 --linksdir=~/SOMEWHERE/" "mu find"
1235 macro generic,index,pager,browser <Fx> "<shell-escape>notmuch-mutt \
1236 --output-dir ~/SOMEWHERE \
1237 --prompt search<enter>" "notmuch search"
1239 macro generic,index,pager,browser <Fx> "<shell-escape>mairix " "mairix"
1243 macro generic,index,pager,browser <Fx> "<change-folder-readonly>~/SOMEWHERE<enter>" "search folder"
1252 mmh - set of electronic mail handling programs (legacy code removed from nmh)
1253 nmh - 'new' mail handler (although older than mmh)
1259 currently work in progress (issue - using multiple accounts with sendmail)
1266 ## *converting .eml-files directly into mbox or maildir using cli-tools*
1268 ## *how to deal with broken emails (how to prevent and how to fix them)*
1270 ## *download messages using isync via a tor-proxy*
1272 solution: use tsocks/torsocks
1274 ## *sending messages from different accounts using sendmail*
1276 ## *tagging messages using mu*
1278 ## *how to handle passwords, while being both obfuscated (within a file) and secure*
1280 possible solution: use tomb and pass
1282 ## *searching gpg-encrypted messages*
1284 ## *searching tar-archived message folders*
1286 ## *open other emails while writing without a second 'mutt -R'-window*
1288 possible solution: postpone messages
1290 ## *increase viewing space for attachments when sending messages*
1292 solution: set attach_format = " %u%D%I %t%2n %T%d%\* [%.15m/%.10M, %.8e%?C?, %.6C?, %.4s] "
1294 <!-- cave: escape-character before '*' -->
1296 ## *slow, when changing to different offline folder*
1298 ## *mutt sometimes hanging (not able to ^C or ^G)*
1300 ## *mutt sometimes sending empty messages (when hanging)*
1302 ## *accessing a maildir-folder over ssh with mutt being installed locally*
1304 ## *switching between user credentials when accessing local folders*
1306 possible solution: folder-hooks
1308 ## *generate a local spam-filter*