Provided by: sqwebmail_6.0.0+1.0.6-1build2_amd64 bug


       mimegpg - MIME-GPG utility


       mimegpg [-s] [-E] [-e] [-c] [-d] [-p n] {--} {gpg options...}


       The mimegpg tool signs, encrypts, or decrypts MIME-formatted E-mail messages using GnuPG.
       mimegpg does not contain any encryption code. It uses the GnuPG utility for all encryption
       and decryption functions.

       The -s option signs an E-mail message. The -E or the -e option encrypts the E-mail
       message. Specifying both -E/-e and -s encrypts and signs the E-mail message in a single
       step. The -d option decrypts the message. The -c option checks signatures.

       mimegpg works as a filter. It reads an E-mail message from standard input, which must be a
       MIME-formatted message.  mimegpg signs, encrypts, and/or decrypts the message; then writes
       the encrypted, signed, or decrypted MIME message on standard output.

       The standard input to mimegpg must be a MIME E-mail message, with a "Mime Version: 1.0"
       header - even if the message does not contain any attachments. If the message contains any
       attachments, they are also signed and/or encrypted, individually.

       mimegpg automatically runs GnuPG, with the required options.  mimegpg's options may also
       be followed by a single -- option; any remaining command line options are passed as
       additional options to GnuPG. The -E/-e option usually requires at least one -r GnuPG
       option, which may be specified in this fashion.

       The -p option specifies a file descriptor that contains any required passphrase. Any other
       valid GnuPG options may follow a double-dash, "--", as long as it makes sense for this
       operation (note that mimegpg automatically adds any GnuPG options that are needed to
       perform the given operation). The "--no-tty" option can be useful when mimegpg is used in
       a non-interactive mode. As always, secret keys that are password-protected secret keys
       cannot be used in the --no-tty mode, unless the -p option is used.

       Use the -s option to sign MIME message content. Use the -E option to encrypt it. Use both
       options to both sign and encrypt. Follow with --, then any other GnuPG options. The -E
       option will require at least one -r GnuPG option.

       The -E option encapsulates the message content and all the attachments into a single
       encrypted MIME object. Some mail software cannot handle encapsulated content. The -e
       option encrypts each attachment separately, without encapsulation.

       If a secret key used for signing is password protected, the prompt to enter the password
       will be issued directly by GnuPG. Note that the -s and the -e (but not -E) options may
       issue multiple password prompts in interactive mode.  mimegpg runs GnuPG multiple times if
       the MIME message contains attachments. GnuPG will be invoked separately for each
       attachment in the MIME message, and each invocation will prompt for any required key
       password. Note that the initial message headers are not signed and/or encrypted, except
       for the MIME headers themselves. However, any message/rfc822 MIME content - attached
       messages - are encrypted/signed in their entirety, headers and content.

       The -d option attempts to decrypt any encrypted content in a MIME message. The -c option
       attempts to verify signatures of any signed content. Both -c and -d can be specified at
       the same time.  -d looks for any multipart/encrypted MIME content, then attempts to
       decrypt it.  -c looks for any multipart/signed MIME content, then attempts to verify the

       The -c and -d options replace the multipart/signed and multipart/encrypted MIME content
       with a multipart/x-mimepgp section, that contains an additional attribute called
       "xpgpstatus". The value of the attribute is set to the exit code of GnuPG. Succesfully
       decrypting the message and/or verifying the signature sets the exit code to 0. A non-zero
       exit code indicates that the signature could not be verified, or the message could not be

       The first section in this multipart/x-mimepgp is a text/plain section that contains any
       messages from GnuPG. The second section is any decrypted or signed content.  mimegpg will
       include the signed content even if the signature could not be verified (check xpgpstatus).
       Encrypted content that could not be decrypted will not be included (obviously).

       Note - any existing x-mimegpg MIME section will have its content-type quietly reset to
       multipart/mixed, in order to avoid confusion (except when this is what got decrypted).




       Sam Varshavchik


        1. reformime(1)