Google Apps Sync is a COM Addin for Outlook that creates it's own data store / transport layer in Outlook.
This conflicts with GpgOL in that it is not possible to create valid OpenPGP/MIME or S/MIME Messages when using the Google Apps Sync account.
As a workaround users have to use IMAP / SMTP to access their Google Mails through Outlook. Then GpgOL works as expected. Alternatively GpgOL might fallback to the old "no-mime" interface for these accounts.
GpgOL relies on the MS-OXOSMIME: S/MIME Email Object Algorithm to send a valid PGP/MIME Mail.
Basically we use the same way Outlooks S/MIME Mails use to create valid MIME without being mangled by Exchange.
As far as we know it is not possible even with Outlooks built in S/MIME Support to send crypto mails through Google App Sync. So there is no obvious way we could also use such a message handling for our PGP/MIME or S/MIME Mails.
Normally GpgOL creates the full PGP/MIME Structure as an attachment, sets a specific message class and Outlook / Exchange then use this attachment as the MIME structure of the sent mail. Google Apps Sync takes this attachment and wraps it additionally in a multipart/mixed structure and doubly encodes the contents. There is no Mail User Agent known that gracefully handles such a structure. Resulting in broken mails both for the sender and the receiver.
Example of such a mangled MIME Structure:
Content-Type: multipart/mixed; boundary="001a11402dda2db6c6055f0d1edc" --001a11402dda2db6c6055f0d1edc Content-Type: application/pgp-encrypted Content-Disposition: attachment Content-Transfer-Encoding: base64 VmVyc2lvbjogMQ0K --001a11402dda2db6c6055f0d1edc Content-Type: application/octet-stream Content-Disposition: attachment Content-Transfer-Encoding: base64 LS0tLS1CRUdJTiBQR1AgTUVTU0FHRS0tLS0tDQoNCmhRRU1BeDdVOEx4cys4a1NBUWdBa05GWmtu ( < doubly base 64 encoded PGP Message)
This issue is supposed to be a "big picture" / discussion issue that may include subtasks to improve compatibility with G Sync.
- We could put the Mail Body into a PGP MESSAGE and add that as a text/plain part. (PGP/Inline)
- This would work with most mailers but would not work properly with attachments.
- We could only allow sending encrypted PGP Mails without attachments. (Users would have to send attachments in a different mail with file encryption)
- Encrypting attachments automatically would be a lot of effort to properly implement on the sending and the reading side.
- We could show the old 1.x Interface with the "Add Encrypted File" "Encrypt Text" buttons for manual encryption if a G Sync account is detected.
- We could just bail out if a G Sync account is detected and insist that for Crypto Mail IMAP / SMTP access to gmail is used.