Page MenuHome GnuPG

Deinstalling gpg4win leaves encrypted messages decrypted
Closed, ResolvedPublic


I deinstalled a recently gpg4win 2.0.0 installation and noticed that encrypted
messages were left decrypted.



Event Timeline

kjathome added projects: gpgol, Bug Report.
kjathome added a subscriber: kjathome.

The installation also was Exchange based.

Can you please give some details? The de-installation does not touch your data
files or messages.

I received an encrypted email (encrypted by gpgol 0.9.92) which used to work in
OL2003. When decrypting the email I had to pass the passphrase and the email has
been display decrypted in the very same window. Closing the window the email was
still left encrypted.
Using gpgol 1.0.0 the email has been decrypted the first time. Since then when
moving to the email no text could be seen, the passphrase has to entered (the
first time visiting the email) and the email was display decrypted as long as I
didn't close OL. Since deinstalling gpg4win the email is decrypted! The only
difference I noticed is that the icon changed from "read mail" to "unread mail"
and even doesn't change to "read" when the email is left.

Am sorry about this. This is an unslved problem existing in GpgOL for years.
In some cases Outlook somehow caches the content of the Window or syncs it back
to MAPI. I have found no way to reliable avoid that. GpgOL does all kinds of
tricks to avoid this but it is not bulletproof.

There is an option to show the body of the email as an attachment - this is not
very convenient but we make sure that attachments are not left as plaintext

I remember that I had a similar problem in a previous version which I reported
but I can't remember on which site/community. In a following version the bug has
been fixed and I never had this problem again up to and including version 0.9.92.
That's strange beacause you said that's is an existing problem since years.

This should not happen anymore with the new MIME code in GpgOL for Outlook 2010
and later.
With the "Decrypt Body" function we had in Outlook 2010 and later you could
store the plaintext if you decrypted a mail and then confirmed the "Do you want
to save" dialog.

But for messages which are now automatically decrypted / verified the plain text
should never be stored persistently. T2138 might have caused this but this
was because GpgOL was deactivated before it prevented Outlook from storing the

Does not happen for current GpgOL versions and OL < 2010 support in GpgOL is no longer maintained -> resolved