headers
Kyle Wheeler | 1 May 06:58

Re: moving through mailboxes with new mail


On Sunday, April 29 at 04:09 PM, quoth Kevin Coyner:
>One more observation:
>
>    mutt seems to be interpreting a status of 'O' (old) as new mail.
>    That's why it keeps going back to the same mailboxes as I only
>    glance at the index view in the mailbox and not the actual email
>    itself.
>
>Thanks in advance for any pointers.

This sounds like an issue of mutt using UIDNEXT versus RECENT to 
determine the existence of new mail (essentially, the behavior of 
these things varies from server to server). I seem to recall that in 
recent versions of mutt you can switch between them (I don't have my 
regular mutt handy, or I'd just look it up in the man page). Anyway, 
try asking on the dev list - they would know.

~Kyle
--

-- 
Every American expects and deserves clean air, and then we act on that 
belief, then we will set an example for the rest of the world to 
follow.
                                                  -- George H. W. Bush
Permalink | Reply | 0 comments |
headers
Stefano Sabatini | 1 May 16:09
X-Face
Picon
Favicon

GPG and good signature (mis?)behaviour

Hi mutters,

I'm getting this strange behaviour when I try to verify the integrity
of a message with mime type multipart/signed and signed with PGP.

In most cases it works just fine, but in some cases I get something
as:

[-- PGP output follows (current time: Tue 01 May 2007 03:50:24 PM CEST) --]
gpg: Signature made Tue 01 May 2007 03:34:27 PM CEST using DSA key ID XXXXXXXX
gpg: Good signature from "xxxxxx xxxxxxx <xxxxxxxxxxxxxxxxxxxx>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: xxxx xxxx xxxx xxxx xxxx  xxxx xxxx xxxx xxxx xxxx
[-- End of PGP output --]

So the signature should be a good one, but the flag in the index
remains "s" rather than "S" (correctly signed). As I said, this
doesn't work as expected just in few cases.

This is my crypto setting:

# %f: message file
# %s: signature file
# %a: pgp_sign_as value
set pgp_decode_command="gpg %?p? --passphrase-fd 0? --no-verbose --batch --output - %f"
set pgp_verify_command="gpg --no-verbose --batch --output - --verify %s %f"
set pgp_decrypt_command="gpg --passphrase-fd 0 --no-verbose --batch --output - %f"
set pgp_sign_command="gpg --no-verbose --batch --output - --passphrase-fd 0 --armor --detach-sign
--textmode %?a?-u %a? %f"
(Continue reading)

Permalink | Reply | 11 comments |
headers
Todd Zullinger | 1 May 16:37
Picon
Favicon

Re: GPG and good signature (mis?)behaviour

Stefano Sabatini wrote:
> Hi mutters,
> 
> I'm getting this strange behaviour when I try to verify the integrity
> of a message with mime type multipart/signed and signed with PGP.
> 
> In most cases it works just fine, but in some cases I get something
> as:
> 
> [-- PGP output follows (current time: Tue 01 May 2007 03:50:24 PM CEST) --]
> gpg: Signature made Tue 01 May 2007 03:34:27 PM CEST using DSA key ID XXXXXXXX
> gpg: Good signature from "xxxxxx xxxxxxx <xxxxxxxxxxxxxxxxxxxx>"
> gpg: WARNING: This key is not certified with a trusted signature!
> gpg:          There is no indication that the signature belongs to the owner.
> Primary key fingerprint: xxxx xxxx xxxx xxxx xxxx  xxxx xxxx xxxx xxxx xxxx
> [-- End of PGP output --]

The important part is the gpg warning.  It means that the key used to
sign the message isn't signed (certified) by your key (or the key of
someone else that you've marked as trusted).

You can test this by adding a local signature to a key for which this
happens (gpg --lsign-key <keyid>).

--

-- 
Todd        OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
======================================================================
It is easier to fight for one's principles than to live up to them.
    -- Alfred Adler
(Continue reading)

Permalink | Reply | 8 comments |
headers
Sander Smeenk | 1 May 17:04

Re: GPG and good signature (mis?)behaviour

Quoting Todd Zullinger (tmz <at> pobox.com):

> The important part is the gpg warning.  It means that the key used to
> sign the message isn't signed (certified) by your key (or the key of
> someone else that you've marked as trusted).

Sorry, but your key is not 'trusted' in my trustdb, yet the 's' in front
of your message changes to an 'S' after reading it.

> You can test this by adding a local signature to a key for which this
> happens (gpg --lsign-key <keyid>).

And i haven't added a local signature to your key :-)

Regards,
Sander.
--

-- 
| I feel like I'm diagonally parked in a parallel universe.
| 1024D/08CEC94D - 34B3 3314 B146 E13C 70C8  9BDB D463 7E41 08CE C94D
Permalink | Reply | 1 comment |
headers
Todd Zullinger | 1 May 17:25
Picon
Favicon

Re: GPG and good signature (mis?)behaviour

Sander Smeenk wrote:
> Sorry, but your key is not 'trusted' in my trustdb, yet the 's' in
> front of your message changes to an 'S' after reading it.

Hmmm, you're right.  

(I should know better than to post before noon.  :)

--

-- 
Todd        OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
======================================================================
Quick to judge, quick to anger, slow to understand.
Ignorance and prejudice and fear walk hand in hand.
Permalink | Reply | 0 comments |
headers
Todd Zullinger | 1 May 17:31
Picon
Favicon

Re: GPG and good signature (mis?)behaviour

Stefano Sabatini wrote:
> This is my crypto setting:
> 
> # %f: message file
> # %s: signature file
> # %a: pgp_sign_as value
> set pgp_decode_command="gpg %?p? --passphrase-fd 0? --no-verbose --batch --output - %f"
> set pgp_verify_command="gpg --no-verbose --batch --output - --verify %s %f"
> set pgp_decrypt_command="gpg --passphrase-fd 0 --no-verbose --batch --output - %f"
> set pgp_sign_command="gpg --no-verbose --batch --output - --passphrase-fd 0 --armor --detach-sign
--textmode %?a?-u %a? %f"
> set pgp_clearsign_command="gpg --no-verbose --batch --output - --passphrase-fd 0 --armor
--textmode --clearsign %?a?-u %a? %f"
> set pgp_encrypt_only_command="pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt
--textmode --armor --always-trust --encrypt-to 0xC9C40C31 -- -r %r -- %f"
> set pgp_encrypt_sign_command="pgpewrap gpg --passphrase-fd 0 --batch --quiet --no-verbose
--textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust --encrypt-to 0xC9C40C31 --
-r %r -- %f"
> set pgp_import_command="gpg --no-verbose --import -v %f"
> set pgp_export_command="gpg --no-verbose --export --armor %r"
> set pgp_verify_key_command="gpg --no-verbose --batch --fingerprint --check-sigs %r"
> set pgp_list_pubring_command="gpg --no-verbose --batch --with-colons --list-keys %r" 
> set pgp_list_secring_command="gpg --no-verbose --batch --with-colons --list-secret-keys %r" 
> 
> # a regexp: if that matches the mutt output from pgp_verify_command then the message is considered verified
> # I'm not sure this is necessary, since gpg already exit with an useful exit code of 0 in case
> # of success
> set pgp_good_sign="^gpg: Good signature from"
> #set pgp_check_exit=no
>
(Continue reading)

Permalink | Reply | 1 comment |
headers
Derek.Li | 1 May 17:33

Unsubscribe link does not work?


Press the 'Unsubscribe' button on the mail list page, and got the
following error:

The page cannot be found
The page you are looking for might have been removed, had its name
changed, or is temporarily unavailable.

Thanks,
Derek
------------------------------------------------------------------------
For important statutory and regulatory disclosures and more information about Barclays Capital, please
visit our web site at http://www.barcap.com.

Internet communications are not secure and therefore the Barclays Group does not accept legal
responsibility for the contents of this message.  Although the Barclays Group operates anti-virus
programmes, it does not accept responsibility for any damage whatsoever that is caused by viruses being
passed.  Any views or opinions presented are solely those of the author and do not necessarily represent
those of the Barclays Group.  Replies to this email may be monitored by the Barclays Group for operational
or business reasons.

Barclays Capital is the investment banking division of Barclays Bank PLC, a company registered in England
(number 1026167) with its registered office at 1 Churchill Place, London, E14 5HP. This email may relate
to or be sent from other members of the Barclays Group.
------------------------------------------------------------------------
Permalink | Reply | 0 comments |
headers
Stefano Sabatini | 1 May 18:04
X-Face
Picon
Favicon

Re: GPG and good signature (mis?)behaviour

Hi Todd, and thanks for your reply.

On date Tuesday 2007-05-01 10:37:13 -0400, Todd Zullinger muttered:
> Stefano Sabatini wrote:
> > Hi mutters,
> > 
> > I'm getting this strange behaviour when I try to verify the integrity
> > of a message with mime type multipart/signed and signed with PGP.
> > 
> > In most cases it works just fine, but in some cases I get something
> > as:
> > 
> > [-- PGP output follows (current time: Tue 01 May 2007 03:50:24 PM CEST) --]
> > gpg: Signature made Tue 01 May 2007 03:34:27 PM CEST using DSA key ID XXXXXXXX
> > gpg: Good signature from "xxxxxx xxxxxxx <xxxxxxxxxxxxxxxxxxxx>"
> > gpg: WARNING: This key is not certified with a trusted signature!
> > gpg:          There is no indication that the signature belongs to the owner.
> > Primary key fingerprint: xxxx xxxx xxxx xxxx xxxx  xxxx xxxx xxxx xxxx xxxx
> > [-- End of PGP output --]
> 
> The important part is the gpg warning.  It means that the key used to
> sign the message isn't signed (certified) by your key (or the key of
> someone else that you've marked as trusted).
> 
> You can test this by adding a local signature to a key for which this
> happens (gpg --lsign-key <keyid>).

I discovered this behaviour is dependant on the folder I'm exploring.
There happens to be "good" folders and "bad" folders, in the good ones
I can see the "s" flag right just when I open them in the index and
(Continue reading)

Permalink | Reply | 5 comments |
headers
Stefano Sabatini | 1 May 19:28
X-Face
Picon
Favicon

Re: GPG and good signature (mis?)behaviour

On date Tuesday 2007-05-01 11:31:18 -0400, Todd Zullinger muttered:
> Stefano Sabatini wrote:
> > This is my crypto setting:
> > 
> > # %f: message file
> > # %s: signature file
> > # %a: pgp_sign_as value
> > set pgp_decode_command="gpg %?p? --passphrase-fd 0? --no-verbose --batch --output - %f"
> > set pgp_verify_command="gpg --no-verbose --batch --output - --verify %s %f"
> > set pgp_decrypt_command="gpg --passphrase-fd 0 --no-verbose --batch --output - %f"
> > set pgp_sign_command="gpg --no-verbose --batch --output - --passphrase-fd 0 --armor --detach-sign
--textmode %?a?-u %a? %f"
> > set pgp_clearsign_command="gpg --no-verbose --batch --output - --passphrase-fd 0 --armor
--textmode --clearsign %?a?-u %a? %f"
> > set pgp_encrypt_only_command="pgpewrap gpg --batch --quiet --no-verbose --output - --encrypt
--textmode --armor --always-trust --encrypt-to 0xC9C40C31 -- -r %r -- %f"
> > set pgp_encrypt_sign_command="pgpewrap gpg --passphrase-fd 0 --batch --quiet --no-verbose
--textmode --output - --encrypt --sign %?a?-u %a? --armor --always-trust --encrypt-to 0xC9C40C31 --
-r %r -- %f"
> > set pgp_import_command="gpg --no-verbose --import -v %f"
> > set pgp_export_command="gpg --no-verbose --export --armor %r"
> > set pgp_verify_key_command="gpg --no-verbose --batch --fingerprint --check-sigs %r"
> > set pgp_list_pubring_command="gpg --no-verbose --batch --with-colons --list-keys %r" 
> > set pgp_list_secring_command="gpg --no-verbose --batch --with-colons --list-secret-keys %r" 
> > 
> > # a regexp: if that matches the mutt output from pgp_verify_command then the message is considered verified
> > # I'm not sure this is necessary, since gpg already exit with an useful exit code of 0 in case
> > # of success
> > set pgp_good_sign="^gpg: Good signature from"
> > #set pgp_check_exit=no
(Continue reading)

Permalink | Reply | 0 comments |
headers
Todd Zullinger | 1 May 20:03
Picon
Favicon

Re: GPG and good signature (mis?)behaviour

Stefano Sabatini wrote:
> I discovered this behaviour is dependant on the folder I'm exploring.
> There happens to be "good" folders and "bad" folders, in the good ones
> I can see the "s" flag right just when I open them in the index and
> the verify mechanism works as expected (that is good signatures
> results in a "S" flag), in the bad ones I can't see the "s" when
> opening them in the index, but it appears when I display the
> corresponding mail in the pager, and the "s" doesn't become "S" after
> I verify them even if they are good (according to the gpg output).
> 
> I tried to figure out some relevant difference between the good and
> bad folders (I'm using maildir formats), but without success... very
> puzzling, so I have to conclude this is a rather strange bug.

Hmmm.  Do you have folder hooks in play that could cause this?  If you
haven't already, perhaps try with a very stripped down muttrc and see
if it still happens.

> Anyway, apart from the strange "s"/"S" inconsistency, the gnupg output
> seems correct (I verified ti with corrupt signatures), so it means I
> don't have to blindly trust stupid flags ;-).

Good to know.  I don't tend to pay much attention to the s/S flag in
the index, so perhaps I've run into this as well without noticing.

--

-- 
Todd        OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
======================================================================
A cynic is a man who, when he smells flowers, looks around for a
coffin.
(Continue reading)

Permalink | Reply | 4 comments |

Gmane