Page MenuHome GnuPG
Create Task
Maniphest T6065

GpgOL attachement size handled wrong
Open, LowPublic
Actions

Description

I think GPG4Win (great software by the way), does not handle attachement sizes correctly.
I'm using:
-Windows 10 21H2 (19044.1766)
-Office Professional Plus 2021 (2108)
-GPG4Win 4.0.2

I have two machines that are identical in that regard, that are however not mirrored otherwise and have different software and settings, that's why I'm somewhat sure I found an actual error.

The problem:
If I create an E-Mail that requires attention from GpgOL, no matter if encrypted or just signed, if the E-Mail attachements exceed a certain size (I'm mostly sure that it happens once you go over 10MB, so 50% of the 20MB limit predetermined by Microsoft Outlook), GpgOL prints:
"The mail exceeds the maximum size GpgOL can handle on this server"
and gives a list of the files it proceeds to ignore. Other E-Mail applications supporting OpenPGP handle the mail just fine.

The funny and confusing thing is, I can create said E-Mails wit GpgOL without a problem, encrypting, uploading, sending, no errors.

But If I go back to read the E-Mail either in the "Sent" folder of the same account or the "Inbox" folder of the recipients account, I get the error message.

I can however circumvent the problem by following this guide from Microsoft (https://docs.microsoft.com/en-us/outlook/troubleshoot/message-body/attachment-size-exceeds-the-allowable-limit-error) regarding increasing the standard attachement size for Outlook as a whole.

So, to be more precise it is an error in the communication between Outlook and GpgOL I think.
If I send the same files unencrypted, Outlook handles it fine.
If I raise the Outlook limit, GpgOL works as intended.

However, hacking the registry should not be expected by the average user.

I attached some screenshot of the complete error message (in German), and how after clicking "OK" the E-Mail is opened, but some of the files are not displayed.

Details

Version
4.0.2

Event Timeline

encryptedsoul created this task.Jul 6 2022, 11:18 AM
aheinecke triaged this task as Low priority.Jul 6 2022, 12:10 PM
aheinecke added a subscriber: aheinecke.

The problem is that we keep the original, encrypted, signed structure of the mail as a hidden attachment. When we then add the attachments we extracted from the original mail as "real" attachments in the Outlook data structures we basically double in size and hit an error in Outlook. It does not always have to be double, e.g. if the attachment was compressed in the encrypted data it can be much larger then the original mail. So this happens mostly with data that is not easy to compress.

I am a bit unsure what to do with this report as this is something that we do not have a real solution for. I keep it open because we might do something different in the future to avoid the problem.

encryptedsoul added a comment.EditedJul 6 2022, 12:15 PM

So maybe add a hint with the workaround to the error message, maybe even link to some *.reg files that would fix it, with a big fat warning to respect and look out for your E-Mail providers attachement size limits. The 20MB thing from Outlook is nothing more than an educated guess by Microsoft in the first place, some providers have smaller limits and the user has to identifiy the server error code themselves anyways.

It took me a while to try and verify some things, and I can't imagine I'm the only one that ever stumbled upon this. Others shouldn't have to figure it out on their own.