We did not remove the "<>" from the content id. This worked for the first display but when forwarding they got doubled and it broke.

The code had the assumption that a content-id
could only exist on an attachment for HTML mails as it otherwise
does not make sense.

I was able to reproduce this when I forwarded the mail after opening it in a new window. Somehow that appears to influence it.

Closing this as the moving problem was fixed.

That was obvious. rG6fc5df1e10129f3171d80cf731f310b9e8d97c26 fixes this.

When doing a "gpgsm --with-validation -k foo" (assuming you have a cert foo) gpgsm now goes into a loop and prints the certficates that match "foo" over and over again. I have not tested if it was caused by this change but I think it is likely.

I imported 39 certificate files at once with Kleopatra with about 700 certificates and it worked. Took a long time though so It would be nice if Kleopatra would show a progess indicator or some indication that the import is running. But this is a different issue.

Or a better tl;dr; When you send mails without "inline" option everything is fine and standardized. The problem is that the old version of GpgOL that your college uses is too stupid to handle this ;-)

Yes your colleague should or basically needs to upgrade. 2.2.3 is very outdated. There are security issues that were fixed by then etc.

In T4515#125651, @aheinecke wrote:

Hi,

What client does your colleague use so that you have to use PGP/Inline?

That format where the attachment is it's own PGP Encrypted file is very problematic. You basically have mutliple signature and encryption states. An attacker can easily remove or add attachments to the message. The attachment name is leaked. etc. Also see: https://wiki.gnupg.org/PgpPartitioned

Our opinion is that if you really _have_ to use PGP/Inline that you must do so manually using Kleopatra's notepad and Encrypted files.

I am a bit unsure if I just close this as "Wontfix" or move it to Wishlist. I think for now I go with Wishlist but do not expect that feature soon. At least until maybe some really important use case comes up.

Anyway, thanks for your feedback. It is always valuable to know what users would like to have.

Best Regards,
Andre

What client does your colleague use so that you have to use PGP/Inline?

The last lines that the process currently holding wrote in the log:

To reproduce this issue I started Kleopatra with an empty GNUPGHOME and imported 10 S/MIME certs at once (which spawns a gpgsm process each) with enabled logging.

Mmh no. This needs to go into the resolver. If autoresolve is disabled we also want to have that functionality. Having the ca config in libkleo would also help to use the same values in Kleopatra for a CSR.

Good to hear this request from someone else, this gives it more priority :-).

But sadly I can't see any problem with the mail. Looking at the source of the mail it has the image as one attachment. That attachment is displayed. There are no other attachments part of the mail and so other clients also only show that one attachment.

I have sended the email...

Without more reports and without the info needed to analyze this further I'm lowering the priority.

I think this can go to wontfix for now. Inline PGP inside of S/MIME,.. well that is not good.

This was fixed.

Unsupported protocol still means something with your GnuPG installation is strange.
Whats surprising me most here is that Kleopatra works for you.

I've looked into it alot first: If I use outlooks builtin S/MIME support it also does not work for me, at least over SMTP. I see the attachments but they have unknown type and if I double click them I get errors.

This was fixed afaik in 3.1.7 please let me know if this still does not work for you.

No more reports about this in a while.

3.1.6 is released.

3.1.6 is released

3.1.6 is released.

3.1.6 is released.

3.1.6 is released please use that one.

I think I found it. The problem was that for mails without headers the S/MIME detection would fail and the mails would still be handled by GpgOL. I think this together with the fixes for T4403 / T4267 should finally solve this with Gpg4win-3.1.6

This has been implemented.

If the filename embedded in the encrypted message differs from the filename Kleopatra uses (which is derived from the file system filename) Kleopatra will now show the filename. This should cover the case where users receive an "Attachment.pgp" and do not know what that is.

I'm changing this to testing as the original problem is now fixed with a good solution that properly detects the contents of ms-tnef wrapped messages.

b8d651c4d083d2295cdd75e9f5882ab36ef8f418 Fixes this issue.

Hi - that did the trick. The linked gpgol.dll loads without any issues. However the decryption of e-Mails don't work. I get the
"OpenPGP Encrypted message (decryption not possible) Could not decrypt the data: Unsupported protocol" error.

Yeah, that worked halfways. Meaning, if I try to send the forwarded mail
from inline / reader / docked mode, the Button lights up but no sending
happens. If I send it from undocked window, it works and the original
problem doesn't happen.

see: https://wiki.gnupg.org/TroubleShooting#Manually_update_GpgOL_to_a_beta

This is very strange, common to all the crashes in the log is that they happen while a keylisting is running and before the first key from that keylisting is returned. But this could be a red herring because the keylisting is always started immediately in a background thread and so it would be normal that if the crash occurs immediately that it would still be running. The keylisting code is extremely similar to Kleopatra though. So I don't understand why Kleopatra would then work for you.

Since I configured call tracing the running O365 Client dies immediately after activating the addin. Same happens now if I activate the addin.
Anyways, here is the log.

Thanks for the report. Log looks not unusual.

I think that this might have the same underlying reason as the fixed T4321 (still open because it was not yet released).

Additionally that workaround is a bad idea because on closing Outlook it
leads to the GPG4Win error "Not all plain text could be removed, it's
possible that plain text from decrypted mails was transferred to your
server." (roughly remembered text-wise)