[neomutt-users] Manual PGP signature verification

Johannes Thyssen Tishman johannes at thyssentishman.com
Tue May 4 21:15:30 CEST 2021


I recently learned how to encrypt and sign emails with neomutt using
GPGME and I have been doing some testing by sending signed and encrypted
emails to myself. Everything works perfect. The mails are
automatically decrypted with my private key and the signatures are
verified with the corresponding public keys that I have imported.
However when I try to manually verify the signature with the attached
(detached) signature.asc using "gpg --verify signature.asc
<file-with-mail-contents>" I get "BAD signature". So far I have tried
using the following for <file-with-mail-contents>:

1. attached email contents "<no description>" of type text/plain
2. complete raw message obtained using <edit-or-view-raw-message> function
3. text between boundaries in raw message obtained using <edit-or-view-raw-message> function (with and without including the boundaries (--xxxxxxxxxxxxxxxx))
4. same as Nr. 3 but without the two trailing newlines
5. same as Nr. 3 but using sed to delete the surroundings instead of using vim (neovim)

I don't know why it is not working and I would really appreciate some

Additional unrelated question: Is it possible to define a name for the
file that contains the email contents to replace <no description>?

I thank you for your time and support.

Kind regards,
Johannes Thyssen Tishman

More information about the neomutt-users mailing list