GpgOL: Failure to detect a PGP/MIME Message
Closed, ResolvedPublic


GpgOL may fail to detect if a mail is a PGP/MIME Message

Extracted from T3537:

But now I have a slightly different problem: I can send an encrypted email to another recipient. If the other recipient is using a Linux client (like Gnome Evolution) and is replying to the original email, Outlook will display again no email body and 3 attachments :
-untitled attachment 00001.gpg

From the log I can see that pre processing the mail fails:

04:30:39/12804/mail.cpp:pre_process_message: GetBaseMessage OK.
04:30:39/12804/mapihelp.cpp:mapi_change_message_class: checking message class `IPM.Note'
04:30:39/12804/ERROR/mapihelp.cpp:mapi_get_message_content_type: error getting the headers lines: hr=0x8007000e
04:30:39/12804/mapihelp.cpp:change_message_class_ipm_note: content type is 'null'
04:30:39/12804/mapihelp.cpp:get_msgcls_from_pgp_lines: OpenProperty(1000001f) failed: hr=0x8004010f
04:30:39/12804/ERROR/mail.cpp:pre_process_message: Failed to find moss attachment.

GpgOL fails to obtain the message content type and as such won't mark it as a PGP/MIME Message stopping Outlooks normal parsing. The attachments are outlooks "normal" parsing of a PGP/MIME mail, just like if GpgOL was disabled.

The weird thing is that hr=0x8007000e is "MAPI_OUT_OF_MEMORY" which is unlikely. I give this normal priority for now because this does not happen regularly.

Xv: Which transport are you using (e.g. Exchange 2010 / IMAP / etc.). My first guess is that maybe the Mail was not fully downloaded and somehow the Header data was unavailable in MAPI but it's strange. If you switch to a different mail and back again to that mail is the behavior the same?


Xv added a comment.Nov 30 2017, 1:49 AM

The connection is a POP3 connection. Email server is a 3rd party email service provider. I doubt is an Exchange server (I believe they run a Linux server).
Switching to a different mail and back makes no difference - no email body displayed for the encrypted email.

I've recreated the PGP keys and restart Outlook and gpg agent.

I did some additional testing with more email clients. I used 3 email clients, with 3 different email accounts (2 email servers):

  • Client1 - Outlook 2010 on Windows 7 x86
  • Client2 - Gnome Evolution
  • Client3 - KDE Kmail

The only thing that did not work properly was Outlook receiving a reply email: so Outlook sends an encrypted message to Evolution, Evolution replies back (encrypting the reply), but Outlook will not display the received reply body. But this time displaying an email that was not a reply worked properly in Outlook

aheinecke added a comment.EditedNov 30 2017, 6:39 AM

It would be very helpful if you could export ("Save As") such a mail in Outlook and attach it here / send it to me. I don't have to be able to decrypt it but I would probably be able to figure out why it's not detected as a crypto mail.

Xv added a comment.EditedDec 1 2017, 5:00 AM

To sum up: Outlook can't decrypt a reply, although it can decrypt a direct email from the same sender.
Another thing I just noticed: once Outlook receives the reply (the one it can't decrypt), I can no longer move emails to other folders. If I deactivate GpgOL plugin, I can move the messages again.
Can I pm you the saved message ?

Yes please you can send it directly to mailto://
If you want to encrypt it my key is 94A5C9A03C2FE5CA3B095D8E1FDF723CF462B6B1


Received a test message and I understand it now. The header lines in the test mail are so large that they cannot be queried as a single property (out of memory because the max is pretty low, 4k or so) but have to be accessed through a stream interface. Many of the headers relate to Thread and In Reply To etc. so this explains why the problem only happens on reply.
I think I can quickly fix it.

aheinecke changed the task status from Open to Testing.Dec 2 2017, 3:22 PM

We now read the headers as a stream. This fixes the detection of the content type for your example mail. It now correctly fails for me with "No Secret Key".

The fix is in 2.0.4-beta22 from if you'd like to confirm the fix.

Xv added a comment.Dec 3 2017, 7:56 PM

I've tested the fix and so far I found no problems with decryption and email rendering.
If you want I can report back here, after using GgpOL several more days testing the fix in day-to-day usage, and then if everything is fine we can close this ticket.
Thank you very much for your time.

Xv added a comment.Dec 8 2017, 1:02 AM

This ticket can be closed. No further issue with email decryption after applying the provided patch

aheinecke closed this task as Resolved.Dec 11 2017, 11:55 AM