--- /dev/null
+---
+title: email - towards a less terrible setup
+author: al.t
+...
+
+# **prelude - the used presentation toolchain**
+
+## *how to make presentations easier, faster and more awesome in general*
+
+### Software options
+ * patat (uses pandoc to convert from $WHATEVER to terminal-presentation)
+ + https://github.com/jaspervdj/patat
+ * mdp (uses a specific markdown-flavour for terminal-presentation)
+ + https://github.com/visit1985/mdp
+ * tpp (uses a own dialect, more control over presentation)
+ + https://github.com/cbbrowne/tpp
+ * hovercraft (converts reStructuredText to impress.js, needs the GUI)
+ + https://regebro.github.io/hovercraft/
+
+
+### Chosen presentation software
+
+<!-- :.!man patat | head -n 26 -->
+
+NAME
+ patat - Presentations Atop The ANSI Terminal
+
+SYNOPSIS
+ patat [*options*] file
+
+DESCRIPTION
+ Controls
+ * Next slide: space, enter, l, →, PageDown
+ * Previous slide: backspace, h, ←, PageUp
+ * Go forward 10 slides: j, ↓
+ * Go backward 10 slides: k, ↑
+ * First slide: 0
+ * Last slide: G
+ * Reload file: r
+ * Quit: q
+
+
+
+---
+
+
+
+# **Content**
+
+
+## *whoami and why that setup*
+
+
+## *howto $WHATEVER -> maildir*
+
+
+## *access online folders*
+
+
+## *alpine*
+
+
+## *mbsync (isync)*
+
+
+## *msmtp*
+
+
+## *(neo)mutt*
+
+
+## *notmuch or mu (maildir-utils) or mairix*
+
+
+## *nmh or mmh*
+
+
+## *open issues*
+
+
+
+---
+
+
+
+# **whoami and why that setup**
+
+## legacy backup data
+
+ * used different (non-linux) os
+ * restrictive environments (cannot install software)
+ * multiple languages (use of many non-ASCII-characters)
+
+ * used different email-clients
+ * webmail with saved messages
+ * MS Outlook
+ * single messages (.msg)
+ * message archives (.pst)
+ * Mozilla Thunderbird
+ * single messages (.eml)
+ * message archives (.mbox)
+
+## goals
+
+having an email-setup, which fulfills the following demands
+
+ * not lose any data (although being old)
+ * convert everything in a common file format
+ * use the same data structure for in-use emails and archived emails
+ * be able to perform incremental backups
+ * no risk of vendor-lock-in (use only FLOSS-tools in Debian-main-repositories)
+ * separation between configuration and email-data
+ * not resource-intensive while fast
+ * being able to handle > 100K of messages
+
+ * if possible: CLI/TUI-tools
+
+*solution: in a first step, convert legacy messages to maildir*
+
+
+
+---
+
+
+
+# **howto $WHATEVER -> maildir**
+
+
+## *detox*
+
+detox - replace problematic characters in filenames
+
+`$ detox -r *`
+
+* -r recurse to subdirectories
+
+
+## *msgconvert (libemail-outlook-message-perl)*
+
+libemail-outlook-message-perl - module for reading Outlook .msg files
+
+`$ msgconvert *.msg`
+
+CAVE: msgconvert converts messages by default into .eml-files
+
+
+## *Mozilla Thunderbird (thunderbird)*
+
+thunderbird: cross platform standalone mail application
+
+usage:
+start GUI -> install add-on ImportExportTools NG
+right click on folder -> ImportExportTools NG -> "Import messages from directory (including subdirectories)" -> choose directory with .eml-files
+right click on folder -> ImportExportTools NG -> "Export folder with subfolders (with structure)" -> choose directory for creating .mbox-file(s)
+
+CAVE: thunderbird stores messages by default in the .mbox-format, so exporting is strictly speaking not needed
+CAVE: ugly, better toolchain needed (currently just workaround)
+
+
+*current status: all messages converted from .msg/.eml to .mbox-files*
+
+
+
+---
+
+
+
+# **howto $WHATEVER -> maildir**
+
+
+## *readpst (pst-utils)*
+
+pst-utils: tools for reading Microsoft Outlook PST files
+
+`$ readpst -8 *.pst`
+
+* -8 output email bodies as UTF-8 instead of the original format
+
+CAVE: readpst converts messages by default into .mbox-files
+
+
+
+## *mb2md*
+
+mb2md — Converts Mbox mailboxes to Maildir format
+
+`$ mb2md -s $HOME/emails/sourcedir/ -R -d $HOME/emails/destdir/`
+
+* -s sourcedir
+* -R run recursively
+* -d destdir
+
+CAVE: mb2md does *NOT!* use relative paths from pwd, but from $HOME!
+
+
+## *jdupes or fdupes*
+
+jdupes - identify and delete or link duplicate files
+fdupes - identifies duplicate files within given directories (old)
+
+`$ jdupes -rdN FOLDER`
+
+* -r recurse to subdirectories
+* -d delete duplicate files
+* -N don't ask (noprompt)
+
+CAVE: this will *DELETE!* the duplicate files, pause and think before executing this command!
+
+
+*current status: all messages in maildir-format, deduplicated (if hashes were identical)*
+
+
+---
+
+
+# *Interlude*
+
+## random trivia
+
+*The GNOME foundation got sued by a patenet troll (Rothschild Patent Imaging, LLC) for using 'technology to transfer images'.*
+
+sources:
+* https://itsfoss.com/shotwell-lawsuit/
+* https://www.patentprogress.org/2019/09/26/mythical-troll-attacks-gnome/
+* https://www.pro-linux.de/news/1/27473/patentklage-gegen-gnome-foundation.html
+* https://www.golem.de/news/shotwell-patenttroll-verklagt-gnome-foundation-wegen-fotoverwaltung-1909-144089-rss.html
+* https://www.zdnet.com/article/leave-gnome-alone-this-patent-troll-is-asking-for-trouble/
+* http://techrights.org/2019/09/25/microsoft-patent-troll-intellectual-ventures-gnome/
+
+According to the techrights.org-source, Rothschild Patent Imaging, LLC, is connected to Microsoft
+
+
+---
+
+
+
+# **access online folders (using openssl)**
+
+
+openssl - Secure Sockets Layer toolkit
+
+
+*connect to the mail-server*
+`$ openssl s_client -connect mail.example.com:993 -crlf`
+
+* -crlf translates a line feed from the terminal into CR+LF as required by some servers
+
+
+*access the account*
+> 1 LOGIN MYUSERNAME MYPASSWORDINPLAINTEXT
+
+alternative
+`$ echo 'MYUSERNAMEMYUSERNAMEMYPASSWORDINPLAINTEXT' | base64`
+cave: <return> has to be deleted, therefore this doesn't work currently as expected
+
+to test the encoding use
+`$ echo 'StringFromAbove' | base64 -d`
+
+`> 1 AUTHENTICATE PLAIN StringFromAbove`
+
+
+*list the name of all folders within the account*
+`> 2 LIST "" "\*"`
+
+<!-- cave: escape-character before '*' -->
+
+
+*select a folder (e.g. inbox) to test if it works*
+`> 3 SELECT INBOX`
+
+
+*logout*
+`> 4 LOGOUT`
+
+## *troubleshoot the connection to each mail server in advance*
+
+*take note of the configuration details for the later steps*
+* user names (with or without the addition of ...@example.com?)
+* used ports (hopefully 993)
+* names of folder (Sent or Inbox.Sent or something else?)
+
+
+*current status: all accounts are accessable online using openssl*
+
+
+---
+
+
+
+# **alpine**
+
+
+## *general information*
+
+
+alpine - text-based email client, friendly for novices but powerful
+
+
+for creating debug-information use
+`$ alpine -d [0-9]`
+alpine does *NOT!* store any credential information in its logs
+
+configuration is done in-program and stored in $HOME/.pinerc
+
+configuration is done using shortcuts (case-insensitive) or TUI
+
+information available at *http://alpine.x10host.com/*
+the latest release is available at *http://alpine.x10host.com/alpine/release/*
+the latest development version at *https://repo.or.cz/alpine.git*
+
+*the current developer and maintainer of alpine, __Eduardo Chappa__ (alpine.chappa@yandex.com or chappa@vfemail.net), is __extremely helpful__!*
+
+
+## *base configuration*
+
+
+to add a collection list (aka folder):
+*M* (main menu) - *S* (setup) - *L* (collectionLists) - *A* (add collection list)
+
+to add a role (aka account details):
+*M* - *S* - *R* (rules) - *R* (roles) - *A* (add)
+
+nano ('pico') is the default editor
+available commands are displayed below ('nano-style')
+
+exemplary imap-access: *{mail.example.com/ssl/user=MY_USER_NAME}INBOX*
+exemplary Fcc (sent): *{mail.example.com/ssl/user=MY_USER_NAME}INBOX.Sent*
+exemplary smtp-access: *smtp.example.com/ssl/user=MY_USER_NAME*
+
+multiple accounts can be created using the above mentioned scheme
+
+
+
+---
+
+
+
+# **alpine**
+
+
+## *address book*
+
+the addressbook is located in *$HOME/.addressbook*
+
+to convert from abook to alpine-addressbook use
+`$ abook --convert --infile $HOME/.abook/addressbook --outformat pine | sed 's/,.*//' | sed 's/(//' > ~/.addressbook`
+(the sed-command is needed if multiple email-addresses per name are stored)
+
+
+## *using ~/.pine\_passfile and ~/.alpine-smime/.pwd*
+<!-- cave: escape-character before '_' -->
+
+if compiled using `$ ./configure --with-passfile=$HOME/.pine-passfile`, passwords can be stored in that file if it exists (default in debian)
+
+to use this feature, `$ touch ~/.pine-passfile`
+
+the passfile is encrypted using the *$HOME/.alpine-smime/.pwd/MasterPassword.key*
+
+the key is a *2048 bit RSA key* (`$ openssl rsa -text -in ~/.alpine-smime/.pwd/MasterPassword.key`)
+
+private email to maintainer and talking about the security of 2048 bit RSA keys he replied:
+*"I am happy to change the encryption to a higher degreeof encryption. That is not a problem. I can search in openssl how to do that. Should be easy."*
+it might also be possible to do this manually, but I haven't tried it yet
+
+the .pine-passfile can be *decrypted using openssl* (`$ openssl smime -decrypt -inform pem -in ~/.pine-passfile -inkey ~/.alpine-smime/.pwd/MasterPassword.key`)
+data is obfuscated after encryption (this was the only security measure until some years ago, so beware of old forum posts)
+
+
+
+
+---
+
+
+# **alpine**
+
+
+## *issues with alpine*
+
+
+* not as flexible as (neo)mutt
+* should be used as intended (cannot be completely re-configured)
+* not as sexy (less perceived users, therefore less information online)
+* if the email-server is not configured correctly, problems might arise
+
+
+## *why should anybody use alpine?*
+
+if you want a TUI-based email program, consider alpine!
+
+* very fast to set up
+ + `$ sudo apt-get install alpine && alpine`
+* relatively easy to configure
+ + the configuration can be performed from within alpine
+ + general behaviour can be changed
+ + GPG-key-interaction and signatures can be used
+ + the editor can be changed
+ + additional customization (e.g. colors) can be used
+* stores everything in one configuration file ($HOME/.pinerc)
+ + therefore easy to deploy
+* the maintainer is awesome
+
+
+
+*current status: ability to use a TUI email-client for reading and sending email*
+
+
+---
+
+
+# **mbsync (isync)**
+
+isync - IMAP and MailDir mailbox synchronizer
+the binary is called *mbsync*
+
+alternative software - offlineimap
+
+## *configuration of mbsync using `$ touch $HOME/.mbsyncrc`*
+
+ IMAPAccount TEST
+ Host mail.example.org
+ User #CAVE: SEE BELOW
+ PassCmd #CAVE: SEE BELOW
+ SSLType IMAPS # use secure IMAP
+ SSLVersions TLSv1.2
+ CertificateFile /etc/ssl/certs/ca-certificates.crt
+
+ CopyArrivalDate yes
+
+
+
+for *User* use the username as found by the *openssl s\_client*-command
+
+<!-- cave: escape-character before '_' -->
+
+PassCmd "gpg2 --decrypt --no-tty --quiet --no-verbose --for-your-eyes-only --pinentry-mode cancel ~/.password-store/email/TEST.gpg | head -n 1"
+
+* --pinentry-mode cancel do not ask for passwords, just cancel
+
+this setup can only be used together with a gpg-agent
+
+this setup requires a file being stored in *$HOME/.password-store*, as this is done using *pass*
+
+prequisites
+
+* gnupg
+* gpg-agent
+* pass
+
+
+---
+
+# **mbsync (isync)**
+
+## *add information on remote and local folders*
+
+
+ # ### Remote storage -------------------
+
+ IMAPStore TEST-remote
+ Account TEST
+
+
+ # ### Local storage --------------------
+
+ MaildirStore TEST-local
+ SubFolders Verbatim
+
+ Path ~/SOMEWHERE/TEST/
+ # CAVE: The trailing "/" under 'Path' is important
+
+ #Inbox ~/SOMEWHERE/TEST/inbox
+ # CAVE: the name of the 'inbox' conflicts with the channel slave name!
+ # use this only, of no channels are used
+
+
+
+---
+
+# **mbsync (isync)**
+
+## *add information on the inbox-channel (remote and local folders)*
+
+
+ Channel TEST-Inbox
+ Master :TEST-remote:"INBOX"
+ Slave :TEST-local:inbox
+
+ Create Both
+ # Automatically create missing mailboxes, both locally and on the server
+
+ Expunge Both
+ # Automatically delete messages if deleted in other folder
+
+ SyncState *
+ # Save the synchronization state files in the relevant directory
+
+ MaxSize 100m
+ # Don't download any email greater than this
+
+ Patterns *
+ # Will copy all the account as specified at under remote
+
+ #Patterns "INBOX*"
+ #Patterns !* "INBOX*" "Sent*"
+ # Exclude everything except the folders mentioned
+
+for remote foldernames use the names as found by the *openssl s\_client*-command
+
+<!-- cave: escape-character before '_' -->
+
+
+---
+
+# **mbsync (isync)**
+
+## *add information on additional channels*
+
+ Channel TEST-Sent
+ Master :TEST-remote:"Sent"
+ Slave :TEST-local:sent
+ Create Both
+ Expunge Both
+ SyncState *
+ MaxSize 100m
+ Patterns *
+
+ Channel TEST-Draft
+ Master :TEST-remote:"Draft"
+ Slave :TEST-local:draft
+ Create Both
+ Expunge Both
+ SyncState *
+ MaxSize 100m
+ Patterns *
+
+
+for remote foldernames use the names as found by the *openssl s\_client*-command
+
+<!-- cave: escape-character before '_' -->
+
+## *group the channels into a single entity*
+
+
+ # Get all the channels together into a group.
+ Group TEST
+ Channel TEST-Inbox
+ Channel TEST-Sent
+ Channel TEST-Draft
+
+
+
+
+---
+
+
+# **mbsync (isync)**
+
+
+test and debug a specific group or channel
+`$ mbsync -Dmn TEST`
+
+
+synchronize messages of all groups
+`$ mbsync -a`
+
+
+## *synchronize messages automatically (as an alternative to cron-jobs)*
+
+
+`$ touch $HOME/.config/systemd/user/mbsync.service`
+
+ [Unit]
+ Description=Manual mailbox synchronization service
+
+ [Service]
+ Type=oneshot
+ ExecStart=/bin/sh -c '/usr/bin/torsocks /usr/bin/mbsync -aq'
+ ExecStartPost=ProgramToIndexMessages
+
+
+`$ touch HOME/.config/systemd/user/mbsync.timer`
+
+ [Unit]
+ Description=Manual mailbox synchronization timer
+
+ [Timer]
+ OnBootSec=2m
+ OnUnitActiveSec=5m
+ Unit=mbsync.service
+
+ [Install]
+ WantedBy=timers.target
+
+`$ systemctl start --user mbsync.timer`
+`$ systemctl enable --user mbsync.timer`
+`$ systemctl status --user mbsync.timer`
+
+
+*current status: new messages get automatically synchronized to my computer*
+
+
+---
+
+
+# *Interlude*
+
+## random trivia
+
+*Lennart Poettering wants to take away your home directory*
+
+
+Let's bring the UNIX concept of Home Directories into the 21st century. The
+concept of home directories on Linux/UNIX has little changed in the last 39
+years. It's time to have a closer look, and bring them up to today's standards,
+regarding encryption, storage, authentication, user records, and more. In this
+talk we'll talk about "systemd-homed", a new component for systemd, that
+reworks how we do home directories on Linux, adds strong encryption that makes
+sense, supports automatic enumeration and hot-plugged home directories and
+more. (asg2019)
+
+
+sources:
+https://www.theregister.co.uk/2019/09/25/systemd\_inventor\_home\_directories/
+https://cfp.all-systems-go.io/ASG2019/talk/VSQRXA/
+https://cdn.media.ccc.de/events/all\_systems\_go/2019/h264-hd/asg2019-164-eng-Reinventing\_Home\_Directories\_hd.mp4
+
+<!-- cave: escape-character before '_' -->
+
+---
+
+
+# **msmtp**
+
+msmtp - light SMTP client with support for server profiles
+
+*configuration of msmtp using `$ touch $HOME/.msmtprc`*
+
+## *general options for all accounts*
+
+ # Set default values for all following accounts.
+ defaults
+
+ # Port 465 is designed for required ("implicit") TLS-encryption.
+ # Mail submission port 587 is used for STARTTLS,
+ # port 25 is used for unencrypted communication.
+ # The protocol is smtp (smtps is not an option available, the alternative is lmtp)
+ protocol smtp
+ port 465
+
+ # Keep a logfile for later evaluation
+ #logfile ~/.mail/msmtp.log
+
+
+ # Enable or disable automatic envelope-from addresses. The default is off.
+ # The domain part can be set with the maildomain command.
+ # cave: the user-part will be as the login-name on the computer!
+ # not usable for emails to be send non-locally!
+ #auto_from off
+
+if you want to send messages via tor, use the following
+
+ # Use tor as a proxy (needs tor and tls on)
+ proxy_host 127.0.0.1
+ proxy_port 9050
+
+prequisites
+
+* tor with SocksPort bound to 9050 (defined in $HOME/.torrc)
+
+---
+
+# **msmtp**
+
+## *options concerning tls for all accounts*
+
+ # Always use TLS
+ tls on
+
+ # STARTTLS turns a previously unencrypted session into an encrypted one
+ # This is by far not as secure as using an encrypted session from the beginning!
+ # Therefore TLS is turned on while STARTTLS is turned off.
+ # Recommendation: if you don't need STARTTLS, then TURN IT OFF!
+ tls_starttls off
+
+ # Set a list of trusted CAs for TLS. You can use a system-wide default file,
+ # as in this example, or download the root certificate of your CA and use that.
+ # If accounts without tls_trust_file are used, this command should be in each accout!
+ #tls_trust_file /etc/ssl/certs/ca-certificates.crt
+
+ # Additionally, you should use the tls_crl_file command to check for
+ # revoked certificates, but unfortunately getting revocation lists
+ # and keeping them up to date is not straightforward.
+ #tls_crl_file ~/.tls-crls
+
+
+
+
+---
+
+
+# **msmtp**
+
+## *account-specific options*
+
+
+ account TEST
+ host smtp.example.com
+ from username@example.com
+ auth on
+ user #CAVE: SEE BELOW
+
+ passwordeval #CAVE: SEE BELOW
+
+ #port 587 # if needed
+
+ #tls_starttls on # if needed
+ tls_fingerprint #CAVE: SEE BELOW
+ tls_trust_file /etc/ssl/certs/ca-certificates.crt
+
+
+
+for *User* use the username as found by the *openssl s\_client*-command
+
+<!-- cave: escape-character before '_' -->
+
+use *pass* or *gpg* for decrypting the password
+passwordeval "pass show TEST | head -1"
+passwordeval "gpg2 --decrypt --no-tty --quiet --no-verbose --for-your-eyes-only $HOME/SOMEWHERE/TEST.gpg | head -1"
+
+find tsl\_fingerprint using the following command
+ `$ openssl s_client -connect SMTP_SERVER:587 -starttls smtp </dev/null 2>/dev/null | openssl x509 -fingerprint -noout | cut -d'=' -f2`
+ `$ openssl s_client -connect SMTP_SERVER:465 </dev/null 2>/dev/null | openssl x509 -fingerprint -noout | cut -d'=' -f2`
+ change accordingly, if *starttls* is used
+
+output: e.g. 01:23:45:67:89:AB:CD:EF:BA:DC:0F:FE:E0:DD:F0:0D:DE:AD:BE:EF
+
+
+## *test accounts*
+
+`$ echo "Subject Test" | msmtp some_other_account@example.com -a TEST`
+
+
+---
+
+
+
+# **neomutt**
+
+neomutt - text-based mailreader supporting MIME, GPG, PGP and threading
+
+
+## *account configuration*
+
+ set realname = "some name"
+ set from = "myusername@example.com"
+
+ unmy_hdr *
+ my_hdr From: some name <myusername@example.com>
+
+ set signature = "~/SOMEWHERE/signature.txt"
+
+
+ set pgp_default_key = "DEADBEEF"
+ set pgp_sign_as = "BADC0FFE"
+ # use long keys or fingerprints if possible
+
+
+ # access server
+
+ set mail_check = 60
+
+ set spoolfile = "imaps://myusername@example.com@example.com:993/INBOX"
+ set record = "imaps://myusername@example.com@example.com:993/Sent"
+ set postponed = "imaps://myusername@example.com@example.com:993/Drafts"
+
+ # disabeled online trash folder, so that only local trash folder will be used
+ #set trash = "imaps://myusername@example.com@example.com:993/Trash"
+
+ # When using only one folder, everything can be addressed relatively
+ #set spoolfile = "+INBOX"
+ #set record = "+Sent"
+ #set postponed = "+Drafts"
+ #set trash = "+Trash"
+
+ # mailbox definitions are either performed here or in a separate sidebar
+ #mailboxes =INBOX =Sent =Trash =Drafts =Junk
+
+
+---
+
+
+# **neomutt**
+
+## *debugging neomutt*
+
+`$ neomutt -d [1-5]`
+
+**CAVE: neomutt INCLUDES the CREDENTIALS in the DEBUG-LOG!**
+
+
+## *use passwords within neomutt*
+
+ set smtp_url = "smtp://myusername@example.com@example.com:587"
+ #set smtp_pass = "`pass TEST`"
+
+ set folder = "imaps://myusername@example.com@example.com:993"
+ #set imap_pass = "`pass TEST`"
+
+ source "pass MUTT_TEST |" #CAVE: SEE BELOW
+
+*source a password-file from within neomutt*
+
+use a pipe ("|") after the file to read so that the content of the file gets executed
+
+content of the password-file
+
+ set imap_pass="MYSUPERSECRETPASSWORD"
+ set smtp_pass="MYSUPERSECRETPASSWORD"
+
+in addition add the following option to the .muttrc to disable the colon (':')
+`bind generic,alias,attach,browser,editor,index,compose,pager,pgp,postpone ':' noop`
+otherwise entering `:set ? imap_pass` or `:set ? smtp_pass` will reveal your password!
+
+
+---
+
+# **neomutt**
+
+
+## *account-specific sidebar-options*
+
+use the sidebar for faster navigation between different accounts
+
+ unmailboxes *
+
+ virtual-mailboxes " ----- " "=separator"
+ virtual-mailboxes " search" "~/SOMEWHERE/search"
+ virtual-mailboxes " inbox " "imaps://myusername@example.com@example.com:993/INBOX"
+ virtual-mailboxes " sent " "imaps://myusername@example.com@example.com:993/Sent"
+ virtual-mailboxes " drafts" "imaps://myusername@example.com@example.com:993/Drafts"
+ virtual-mailboxes " trash " "imaps://myusername@example.com@example.com:993/Trash"
+ virtual-mailboxes " junk " "imaps://myusername@example.com@example.com:993/Junk"
+
+
+if a `folder` is set, an abbreviated form can be used
+
+ virtual-mailboxes " something" "+INBOX"
+
+
+---
+
+# **neomutt**
+
+## *general options concerning the sidebar*
+
+
+ # Should the Sidebar be shown?
+ set sidebar_visible = yes
+
+ # How wide should the Sidebar be in screen columns?
+ set sidebar_width = 35
+ #set sidebar_indicator=green
+
+ # Should the mailbox paths be abbreviated?
+ set sidebar_short_path = yes
+
+ # When abbreviating mailbox path names, use any of these characters as path
+ # separators. Only the part after the last separators will be shown.
+ # For file folders '/' is good. For IMAP folders, often '.' is useful.
+ set sidebar_delim_chars = '/.'
+
+ # Make the Sidebar only display mailboxes that contain new, or flagged, mail.
+ set sidebar_new_mail_only = no
+
+ # When searching for mailboxes containing new mail, should the search wrap
+ # around when it reaches the end of the list?
+ set sidebar_next_new_wrap = no
+
+ # The character to use as the divider between the Sidebar and the other NeoMutt panels.
+ set sidebar_divider_char = ' | '
+
+ # Enable extended mailbox mode to calculate total, new, and flagged
+ # message counts for each mailbox.
+ set mail_check_stats
+
+
+ bind index,pager B sidebar-toggle-visible
+
+ bind index,pager \Ck sidebar-prev
+ bind index,pager \Cj sidebar-next
+ bind index,pager \Cl sidebar-open
+
+
+---
+
+# **neomutt**
+
+## *design of the sidebar*
+
+ # Sort the mailboxes in the Sidebar using this method:
+ # count – total number of messages
+ # flagged – number of flagged messages
+ # new – number of new messages
+ # path – mailbox path
+ # unsorted– do not sort the mailboxes
+ set sidebar_sort_method = 'unsorted'
+
+
+ # Display the Sidebar mailboxes using this format string.
+ # additional informatino on https://neomutt.org/guide/reference.html#sidebar-format
+ #
+ # %B Name of the mailbox
+ # %S Size of mailbox (total number of messages)
+ # %F Number of Flagged messages in the mailbox
+ # %N Number of New messages in the mailbox
+ # %n If there's new mail, display “ N”, otherwise nothing
+ # %! “ !”: one flagged message;
+ “ !!”: two flagged messages;
+ “ n!”: n flagged messages (for n > 2). Otherwise prints nothing.
+ # %d Number of deleted messages
+ # %L Number of messages after limiting
+ # %t Number of tagged messages
+ # %>X Right justify the rest of the string and pad with “ X”
+ # %|X Pad to the end of the line with “ X”
+ # %*X Soft-fill with character “ X”as pad
+
+ # %?F? [%F]? If flagged emails [%F], otherwise nothing
+ # %* Pad with spaces
+
+ set sidebar_format = "%B %?n?[N]&? %* [%?N?%N/?%S]"
+
+
+---
+
+# **neomutt**
+
+## *gpg-integration*
+
+ setenv PINENTRY_USER_DATA curses
+ # In case of problems, change ~/.gnupg/ to include the line
+ # pinentry-program /usr/bin/pinentry-curses
+ # instead of
+ # pinentry-program /usr/bin/pinentry-tty
+
+
+ # automatically enable PGP encryption/signing for messages (default = yes)
+ set crypt_autopgp = yes
+
+ # attempt to cryptographically sign outgoing messages (default = no)
+ set crypt_autosign = no
+
+ # attempt to PGP encrypt outgoing messages (default = no)
+ set crypt_autoencrypt = no
+
+ # enable S/MIME encryption/signing for messages (default = yes)
+ set crypt_autosmime = yes
+
+
+ # automatically PGP or OpenSSL sign replies to messages which are signed
+ # (default = yes)
+ set crypt_replysign = yes
+
+ # automatically PGP or OpenSSL encrypt replies to messages which are encrypted
+ # (default = no)
+ set crypt_replyencrypt = yes
+
+ # automatically PGP or OpenSSL sign replies to messages which are encrypted
+ # (default = no)
+ set crypt_replysignencrypted = yes
+
+
+ # attempt to verify PGP or S/MIME signatures (default = yes)
+ set crypt_verify_sig = yes
+
+
+---
+
+# **neomutt**
+
+## *gpg-integration*
+
+ # include a time stamp in the lines surrounding PGP or S/MIME output, so spoofing
+ # such lines is more difficult. If you are using colors to mark these lines
+ # and rely on these, you may unset this setting. (default = yes)
+ set crypt_timestamp = yes
+
+ # display non-usable keys on the PGP key selection menu. This includes keys which
+ # have been revoked, have expired, or have been marked as "disabled" by the user.
+ set pgp_show_unusable = yes
+
+ # number of seconds after which a cached passphrase will expire if not used.
+ # is limited by the .gnupg/gpg-agent.conf - option 'max-cache-ttl'
+ set pgp_timeout = 600
+
+ # check the status file descriptor output of
+ # $pgp_decrypt_command
+ # and
+ # $pgp_decode_command
+ # for GnuPG status codes indicating successful decryption. (default = yes)
+ set pgp_check_gpg_decrypt_status_fd = yes
+
+ # PGP signature is only considered verified if the output from
+ # $pgp_verify_command
+ # contains the text. (default = <empty>)
+ set pgp_good_sign = "^gpg: Good signature from"
+
+ # Save a copy of outgoing email, encrypted to yourself
+ set pgp_self_encrypt = yes
+
+ #set pgp_default_key = "PGP-KEY"
+ #set pgp_sign_as = "PGP-SIGNING-KEY"
+
+ # Save a copy of outgoing email, encrypted to yourself
+ set smime_self_encrypt = yes
+ set smime_is_default = no
+
+ #set smime_default_key = "SMIME-KEY"
+ #set smime_sign_as = "SMIME-SIGNING-KEY"
+
+
+---
+
+# **neomutt**
+
+## *gpg-integration*
+
+
+ set pgp_sign_command ="gpg \
+ --batch \
+ --quiet \
+ --no-verbose \
+ --textmode \
+ --armor \
+ --output - \
+ --detach-sign \
+ --passphrase-fd 0 \
+ %?a?--local-user %a? %f"
+
+ set pgp_encrypt_only_command = "/usr/lib/neomutt/pgpewrap \
+ gpg \
+ --batch \
+ --quiet \
+ --no-verbose \
+ --textmode \
+ --armor \
+ --output - \
+ --encrypt -- \
+ --recipient %r -- %f"
+
+ set pgp_encrypt_sign_command = "/usr/lib/neomutt/pgpewrap \
+ gpg \
+ --batch \
+ --quiet \
+ --no-verbose \
+ --textmode \
+ --armor \
+ --output - \
+ --encrypt \
+ --sign \
+ --passphrase-fd 0 \
+ %?a?--local-user %a? -- \
+ --recipient %r -- %f"
+
+CAVE: either put /usr/lib/neomutt in $PATH or explicitly use /usr/lib/neomutt/pgpewrap
+
+CAVE: more complicated config = more risk, that something is incorrectly configured!
+
+---
+
+# *Interlude*
+
+## random trivia
+
+codecrypt - post-quantum encryption and signing tool
+*CAVE: software has not undergone a cryptographic audit*
+
+ # This is a GnuPG-like Unix program for encryption and signing
+ # that only uses quantum-resistant algorithms:
+ # McEliece cryptosystem (compact QC-MDPC variant) for encryption.
+ # Hash-based Merkle tree algorithm (FMTSeq variant) for digital signatures.
+
+
+ # ccr basic command usage
+
+ # Generate a strong(er) asymmetric encryption key
+ $ ccr -g ENC-256 -N SOME_NAME
+
+ # Export specified public key for sharing with contacts
+ $ ccr -F SOME_NAME -ap > SOME_NAME.pub
+
+ # Export specified private key. The -F parameter chooses the key to be used
+ # To enumerate all keys in the keyring run ccr -k for public ones and ccr -K for private
+ $ ccr -F SOME_NAME -aP > SOME_NAME_UNENCRYPTED
+
+ # Back-up keys: It is easier to backup the ccr folder in the home directory,
+ # changing its name from/to .ccr upon restore.
+ # Enable hidden file view with alt + . to see it.
+
+
+ # ccr key management
+
+ # Import a public key.
+ $ ccr -ai < [contactkey]
+
+ # Import a private key.
+ $ ccr -aI < [myprivatekey]
+
+ # Encrypt a plaintext message file only to an already imported contact key.
+ # Note this will be inaccessible to you. Save a plaintext copy for archival purposes.
+ $ ccr -aer SOME_NAME -R secret > secret.ccr
+
+ # Decrypt a ciphertext message creating plaintext output.
+ $ ccr -adR secret.ccr > secret.new
+
+
+
+---
+
+
+# **neomutt**
+
+## *attachments*
+
+ unalternative_order *
+ alternative_order multipart/mixed multipart/related text/plain text/enriched text/html
+ # define order how to view messages; multipart/* is needed for attachment forwarding
+
+ auto_view text/html
+ # automatically convert text/html into plain text
+
+ bind attach <return> view-mailcap
+ # view attachments using 'v', then open in mailcap using 'm'
+
+ mime_lookup application/octet-stream
+
+ # Ask if the user wishes to abort sending if $abort_noattach_regex
+ # is found in the body, but no attachments have been added
+ # It can be set to:
+ # "yes" : always abort
+ # "ask-yes" : ask whether to abort
+ # "no" : send the mail
+ set abort_noattach = ask-yes
+
+ # Search for the following regular expression in the body of the email
+ # English: attach, attached, attachment, attachments
+ set abort_noattach_regex = "\\<attach(|ed|ments?)\\>"
+ # Deutsch:
+ set abort_noattach_regex = "\\<(Anhang|anhängen|angehängt|anhang|anhänge|hängt an)\\>"
+
+ set attach_format = " %u%D%I %t%2n %T%d%\* [%.15m/%.10M, %.8e%?C?, %.6C?, %.4s] "
+
+ set mailcap_path = "~/.mutt/config/mutt_mailcap"
+ # define link to filetypes-file
+
+
+---
+
+
+# **neomutt**
+
+## *attachments*
+
+this should be put into a separate file for mailcap
+
+
+ # html-emails and other email-formats
+ text/html; w3m -cols 80 -dump -T text/html '%s'; copiousoutput
+ application/rtf; unrtf '%s' | html2text; copiousoutput
+
+
+ # pdf-files
+ application/pdf; pdftotext '%s' - ; print=zathura '%s'; copiousoutput
+
+
+ # office-documents
+ application/vnd.openxmlformats-officedocument.wordprocessingml.document; docx2txt '%s' - | less; copiousoutput
+ application/msword; antiword '%s'; copiousoutput
+
+ application/vnd.openxmlformats-officedocument.spreadsheetml.sheet; vd '%s'; needsterminal
+ application/vnd.ms-excel; vd '%s'; needsterminal
+
+ application/vnd.ms-powerpoint; catppt '%s' | less; copiousoutput
+
+ # images
+ image/*; catimg '%s'; print=sxiv '%s'; needsterminal
+
+
+---
+
+# **neomutt**
+
+## *additional options*
+
+
+ set ispell = "aspell -e -c"
+ # use aspell as spellchecker
+
+ set thorough_search = yes
+
+
+ macro index,pager \ea "<pipe-message>abook \
+ --add-email<return>" "Add this sender to abook"
+
+ bind editor <Tab> complete-query
+
+
+additional options depending of the indexing-utility used
+
+
+ set query_command = "( abook --mutt-query '%s' ; \
+ mu cfind --format=mutt-ab '%s' | sed -n '1!p' )"
+
+---
+
+
+# **mu (maildir-utils) or notmuch or mairix**
+
+first create an index database
+
+`$ notmuch setup`
+`$ mu index --maildir=/SOMEFOLDER`
+
+for mairix the configuration file has to be created manually (using $HOME/.mairixrc)
+
+
+create symbolic links to a specific folder to be opened in neomutt
+
+
+ # searching messages
+ macro generic,index,pager,browser <Fx> "<shell-escape>mu \
+ find --clearlinks \
+ --format=links \
+ --linksdir=~/SOMEWHERE/" "mu find"
+
+ macro generic,index,pager,browser <Fx> "<shell-escape>notmuch-mutt \
+ --output-dir ~/SOMEWHERE \
+ --prompt search<enter>" "notmuch search"
+
+ macro generic,index,pager,browser <Fx> "<shell-escape>mairix " "mairix"
+
+
+ # querying messages
+ macro generic,index,pager,browser <Fx> "<change-folder-readonly>~/SOMEWHERE<enter>" "search folder"
+
+
+
+---
+
+
+# **nmh or mmh**
+
+mmh - set of electronic mail handling programs (legacy code removed from nmh)
+nmh - 'new' mail handler (although older than mmh)
+
+
+## *setup*
+
+
+currently work in progress (issue - using multiple accounts with sendmail)
+
+
+---
+
+# **open issues**
+
+## *converting .eml-files directly into mbox or maildir using cli-tools*
+
+## *how to deal with broken emails (how to prevent and how to fix them)*
+
+## *download messages using isync via a tor-proxy*
+
+solution: use tsocks/torsocks
+
+## *sending messages from different accounts using sendmail*
+
+## *tagging messages using mu*
+
+## *how to handle passwords, while being both obfuscated (within a file) and secure*
+
+possible solution: use tomb and pass
+
+## *searching gpg-encrypted messages*
+
+## *searching tar-archived message folders*
+
+## *open other emails while writing without a second 'mutt -R'-window*
+
+possible solution: postpone messages
+
+## *increase viewing space for attachments when sending messages*
+
+solution: set attach_format = " %u%D%I %t%2n %T%d%\* [%.15m/%.10M, %.8e%?C?, %.6C?, %.4s] "
+
+<!-- cave: escape-character before '*' -->
+
+## *slow, when changing to different offline folder*
+
+## *mutt sometimes hanging (not able to ^C or ^G)*
+
+## *mutt sometimes sending empty messages (when hanging)*
+
+## *accessing a maildir-folder over ssh with mutt being installed locally*
+
+## *switching between user credentials when accessing local folders*
+
+possible solution: folder-hooks
+
+## *generate a local spam-filter*
+
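Review bot: On the "access online folders (using openssl)" slide, the `AUTHENTICATE PLAIN` recipe cannot work as written, because `echo 'MYUSERNAMEMYUSERNAMEMYPASSWORDINPLAINTEXT' | base64` encodes the fields run together with a trailing newline, while SASL PLAIN expects them separated by NUL bytes with nothing after the password. Building the string with `printf` and `\0` between the fields, e.g. `printf '\0%s\0%s' MYUSERNAME MYPASSWORDINPLAINTEXT | base64`, would remove the need for the "doesn't work currently" caveat.

Smaller points in the same file:

* In the mbsync timer slide, `$ touch HOME/.config/systemd/user/mbsync.timer` is missing the `$` before `HOME` (the service line above it has it).
* In the neomutt attachments block, `abort_noattach_regex` is set twice, so the German pattern silently replaces the English one; merge both into one alternation or comment one out.
* In the `sidebar_format` comment block, the two continuation lines under `%!` have no leading `#` and will be parsed as commands if the block is copied into a config.
* The msmtp account slide says `tsl\_fingerprint` where `tls_fingerprint` is meant. The sample output there is a 20-byte SHA-1 value; adding `-sha256` to `openssl x509 -fingerprint` would be preferable.
* Spelling: "patenet", "accessable", "prequisites" (twice), "disabeled", "informatino", "accout", "of no channels".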