[neomutt-users] Use Emacs to autoencrypt emails

Jörg Sommer joerg at jo-so.de
Sun Nov 15 14:55:27 CET 2020


gpg offers the option to lookup a key in the local key storage or via Web Key
Directory (WKD). The WKD lookup is pretty fast and could be done for every
email. Hence, I'm using Emacs to do the lookup while I'm composing the message
and if a key is available for all recipients, I add the header field `Pgp: ES`
which tells neomutt to enable encryption.

I'm also using `trust-model tofu+pgp` in *gpg.conf* to use the *Trust on first
use* model to ease key verification.

* <https://wiki.gnupg.org/WKD>
* <https://gnupg.org/ftp/people/neal/tofu.pdf>

``` lisp
 (lambda ()
    (let ((addrs
            #'identity ;; remove nil
             (lambda (el)
               (when (string-match "[^ <]+@[^ >]+" el) (match-string 0 el)))

              (split-string (or (message-field-value "To") "") ",\s*")
              (split-string (or (message-field-value "Cc") "") ",\s*")

      ;; Use to blacklist some addresses
      ;; (delete-if
      ;;  (lambda (el) (find el '("foo at example.org") :test #'string=))
      ;;  addrs)

      (when addrs
          "gpg --locate-keys "
          (string-join (mapcar 'shell-quote-argument addrs) " "))

    (lambda ()
      (when (and gpg-key-locate
                 (string= (process-status gpg-key-locate) "exit")
                 (eq (process-exit-status gpg-key-locate) 0))
          (insert "Pgp: ES\n")
          (setq gpg-key-locate nil)
    t t)

Regards Jörg

Das Genie beherrscht das Chaos. Doch wehe irgendein Depp räumt auf.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 269 bytes
Desc: not available
URL: <https://mailman.neomutt.org/pipermail/neomutt-users-neomutt.org/attachments/20201115/068bdbbe/attachment.sig>

More information about the neomutt-users mailing list