I can also confirm that 2.0.6-beta9 fixes my issue with this too. Also with my own exchange server!

In T3656#109404, @aheinecke wrote:

But that's it.
With these Options set and explicitly unchecking Sign & Encrypt before sending I get the exact same behavior that you two describe. Mails are sent unencrypted.

But that's it.
With these Options set and explicitly unchecking Sign & Encrypt before sending I get the exact same behavior that you two describe. Mails are sent unencrypted.

In T3656#109402, @JHohmann wrote:

Yes, I also have this option enabled:

And no, I disable Signing and Encryption, before enabling PGP Encryption for the specific email

Yes, I also have this option enabled:

I have now also the error T3662
Will try also 2.0.6-beta9

In T3656#109394, @Mak wrote:

Ahh, and yes I use a public personal s/mime cert to sign my mails. nothing else.

OK, found the problem now. Its the smime settings. I have set them to sign all outgoing mails. And thats where the problem starts...

Ahh, and yes I use a public personal s/mime cert to sign my mails. nothing else.

My too, no outgoing rules.

I do not have any rules configured that are applying to outgoing mails. (As far as I can see them with a non-administrative account)
Are there any group-policies, that might affect the behavior of Outlook regarding to GpgOL?

Another question: Any outgoing Filters (Email Rules)?

@JHohmann Your log is similar in that I can see two Write events after the send of which there should only be one. Somehow we seem to do crypto on a copy mail object and another mail is acutally sent.

I don't think that it is possible to create you an account.

Quoted Text

Any chance that I could get a temporary test account on your Server?

We have the same problem.
Sent emails are not encrypted with gpg4win 3.0.2
Outlook 2016
Exchange 2010
Locale: German
Plugins: Skype, OneNote, Sophos

I can confirm that this appears to be fixed in 2.0.6-beta9.

For T3662 (PGP/Inline problem with Microsoft Exchange Online) I had to change the code used to send PGP/Inline.

I've changed the behavior now so that PGP/Inline also works with Exchange Online.

In T3656#109246, @Mak wrote:

I sent it to a user on a different Mailserver. On my setup its nothing special... Win 10 Enterprise N en, Office 365 Pro Plus en, Kaspersky Internet Security. Server Win 2012 R2 with Exchange Server 2013 and GFI Mailessentials.
I don't think there is anything special... :-(

I sent it to a user on a different Mailserver. On my setup its nothing special... Win 10 Enterprise N en, Office 365 Pro Plus en, Kaspersky Internet Security. Server Win 2012 R2 with Exchange Server 2013 and GFI Mailessentials.
I don't think there is anything special... :-(

As this is still waiting for info for two years and I can't reproduce with current GpgOL -> Resolved.

This is strange, something in your setup must be different from other users. Any Idea what might be special for you? In your log it looks like only the send event for the encrypted mail is passed.
Where do you send your mails to, to another user on the same exchange server?

I can confirm that PGP/MIME works ok for me.

I disabled all my add-ins and tested it again. Still the same. Mails are sent unencrypted.
Tried also to send a plain text message

I can reproduce the issue but only for PGP/Inline, encrypted only mails. PGP/MIME works finde. This allows for an easy workaround (sending PGP MIME) so Prio down to Normal.

All e-mails I tried to open with 2.0.6-beta7 gpgol.dll were readable and showed the correct content in my environment, now. Great!

While trying to reproduce another bug I've set up an account with Exchange Online. With that account I had similar behavior with empty mails shown. The behavior also matched to the logging of the last mail in your log.

Prio High as this makes GpgOL unusable in such a setup.

I give this high priority as sending unencrypted is pretty much a worst case scenario. :-o

Enabled Logging, and here the results with some Errors inside...

As answered in the forum: https://wald.intevation.org/forum/forum.php?thread_id=1837&forum_id=21&group_id=11 :

Unsupported Protocol means that GpgOL can't find your GnuPG installation. Maybe something went wrong during the install of Gpg4win?

Hi @hs,
given that you have used the instructions from the link above to look at the message,
I'll take it that you are using an IMAP/SMTP setup for mail transportation?

A signed but not encrypted message appears in the same way (visible in Sent, empty in Inbox)

Looking at the messages from above using another PC, same Windows 7 and Outlook 2010 but Gpg4Win 2.3.3 :

• received message in Inbox is decrypted shown correctly inline both in preview and opening it
• original message in Sent is not decrypted, but shown as encrypted with gpgolXXX.dat attachment

Hence, it shows the opposite behavior to the 3.0.2 handling.

One problem seems to be that the content of Inbox message differs from this one in the Sent folder (10 vs. 20 KB).
The content of the Inbox is shown as empty, even using the "show source" option. Saving the message as plain text shows a PGP part inside, but this is ignored by Outlook.
I tried this advice:
How to view the message source in Outlook
But the result is the same, after maked as read, the message becomes unreadable.

• fresh install of Gpg4Win 3.0.2
• reboot
• openening Outlook 2010 with only one plugin (GpgOL)
• sending an encrypted email to myself
• trying to open that email (no content)

@aheinecke Because it was mentioned in another comment, I've tried to restart Outlook with the GpgOl plugin enabled, only. Same result. But the fact that I could see the message just after arrival, but not in a second approach may point in a direction that incoming messages are processed by an server-based filter changing potentially vulnerable email content (as embedded links).
I could try to log the complete process of sending an email to myself, decrypting once and failing in a second trail. This would actually increase the size of the log file.

@hs Your log is interesting but I don't yet understand it. We see a "Load" event for an encrypted mail, create our internal data modelling. But later there is a mismatch between the reference Outlook gives us and our internal reference (Failed to find mail in map).
Out of the blue there might be something I could do in that case but it's still somewhat unclear to me why this state occurs.

Just installed Gpg4Win 3.0.2.
Had a very similar effect with Windows 7 / Outlook 2010:

• Sending an encrypted e-mail to myself.
• E-mail will be decypted once after receiving.
• After that, e-mail is shown as "unsecure" and with empty message body (both in preview and own window).
• E-mail in "Sent" folder still decryptable with right content.

I've added gpgol.log for opening Outlook again after receiving the e-mail (with empy body, now).

Correct, this was also the case before, sorry for the misunderstanding.

The HTML in the body below the text on the GpgOL-1.4 side is a known issue of GpgOL-1.x we only added proper HTML handling with GpgOL 2.
GpgOL before 2.0 just appended the text/html mime part to the text/plain mimepart in multipart/alternative mails.

PS: And I can confirm that I have a lot of HTML Garbage in my mail body (on the receiver plain text side):

I can confirm that it works for me, too: Fantastic, thanks!

In my tests it's fixed with: b8276a4f3acecee2e467c0530007aedc9db5936a the plain text body now uses similar code to the html part. Makes sense anyway. The difference was mostly historic as GpgOL before 2.0 did not handle HTML parts at all.

If I send "Nur Text" (plaintext only) under formatting it works as expected. We query Outlook for the Body from the MAPI Data model and just get the wrong value returned. For the HTML part we use the Outlook Object Model (as we had a similar problem there that the MAPI data was not updated properly.)
The fix is obvious. We can use similar code to our handling of the HTML body. This is a workaround for an Outlook bug IMO, why should sending from drafts differ from the usual sending *sigh*

Wow, fast reaction! I'm happy to help evaluate a possible fix for this.

I can reproduce that problem and have opened T3614 for this.

Hi, first of all I want to report back that with beta15 that the following issues did NOT arise anymore, fantastic!

I only installed 3.0.2 this morning so this hasn't had much of a chance to happen.

T2854 is a duplicate of this but contains more up to date information. So I'm closing this issue.

Does this still happen with gpg4win-3.0.2?

Gpg4win 3.0.2 is released which contains even more fixes for GpgOL -> Resolving this. Please let us know if you still have Problems that are not tracked here.

The option now has the following logic:

• If encrypted is selected and the message is not signed.

and

• If the message has no attachments.

and

• If the option for inline sending is enabled

The problem was with a special attachment that had no file extension. Fixed now.

I can't reproduce this with the above steps. It is sadly a known issue that moving crypto mails does not work as long as they are viewed. (T3459) But for me opening any unencrypted mail and moving it. Or first opening an encrypted mail and then moving an unencrypted mail works.

This ticket can be closed. No further issue with email decryption after applying the provided patch

I looked into it. The problem is that attachments are opened as "Read Only" so we can't change the message class or handle it ourself. Once opened there is no apparent way to change the message to read only. Only if the message containing the attachment is marked as modifyable:

I tried to reproduce this with current GpgOL and it just worked. Even if I connected Enigmail to Exchange (Outlook.com).

@patoberli This looks very much like a crash I also observed on close and fixed with 1d0660fa53d357247ac84545f9259244a1d9400c the crash has nothing to do with the hang but thanks for the feedback anyway.

I finally had a crash again today, when I tried to close outlook.
I was running the debug log for several days now, until it finally crashed. Using gpg4win 3.0.1.
Here from the debug file:
*removed entries for privacy reasons*
12:28:46/19196/oomhelp.cpp:remove_category: category 'GpgOL: Verschlüsselte Nachricht' not found.
12:28:46/19196/mail.cpp:parsing_done:882: tracepoint
12:28:46/19196/mail.cpp:parsing_done:885: tracepoint
12:28:46/19196/gpgoladdin.cpp:gpgoladdin_invalidate_ui: Invalidating ribbon: 1D363A70
12:28:46/19196/mail.cpp:parsing_done:900: tracepoint
12:28:46/18768/parsecontroller.cpp:~ParseController
12:28:46/18768/mimedataprovider.cpp:~MimeDataProvider
12:28:46/18768/attachment.cpp:~Attachment
12:28:46/18768/mimedataprovider.cpp:~MimeDataProvider
***here I closed Outlook, but Outlook froze. I then killed the process in Windows.
12:34:02/19196/windowmessages.cpp:gpgol_hook: WM_CLOSE windowmessage for explorer. Closing all mails.
12:34:02/19196/mail.cpp:close_all_mails:1084: tracepoint
12:34:02/19196/returned from invoke

I've tested the fix and so far I found no problems with decryption and email rendering.
If you want I can report back here, after using GgpOL several more days testing the fix in day-to-day usage, and then if everything is fine we can close this ticket.
Thank you very much for your time.

We now read the headers as a stream. This fixes the detection of the content type for your example mail. It now correctly fails for me with "No Secret Key".

Received a test message and I understand it now. The header lines in the test mail are so large that they cannot be queried as a single property (out of memory because the max is pretty low, 4k or so) but have to be accessed through a stream interface. Many of the headers relate to Thread and In Reply To etc. so this explains why the problem only happens on reply.
I think I can quickly fix it.

A new installer with an updated libassuan is now available. To download gnupg-2.2.3_171201.exe please go to https://gnupg.org/download/ . If you had the disable-check-own-socket in your gpg-agent.conf, please remove it so that we can really see whether that version fixes the problem.

Many improvements since dec 2016 to gpgol. Latest master is much more stable (needs a Gpg4win release)

Yes please you can send it directly to mailto://aheinecke@intevation.de
If you want to encrypt it my key is 94A5C9A03C2FE5CA3B095D8E1FDF723CF462B6B1

I am very happy to hear that! Thanks.

After a week with the current version, including a registry cleanup, I had no crashes in Outlook. At the moment it seems to be running stable.

To sum up: Outlook can't decrypt a reply, although it can decrypt a direct email from the same sender.
Another thing I just noticed: once Outlook receives the reply (the one it can't decrypt), I can no longer move emails to other folders. If I deactivate GpgOL plugin, I can move the messages again.
Can I pm you the saved message ?

Better to fail loudly instead of silently breaking.

For now I've added messages to make it clear to the user that most actions won't work with G Sync.
Better to fail loudly instead of silently breaking.

I can no longer reproduce this. We had another report about this were we also tested this and it's ok with recent GpgOL 2.x versions. -> Resolved

Does not happen for current GpgOL versions and OL < 2010 support in GpgOL is no longer maintained -> resolved