xenial (1) mimegpg.1.gz

Provided by: sqwebmail_0.68.2-1ubuntu7_amd64 bug

NAME

       mimegpg - MIME-GPG utility

SYNOPSIS

       mimegpg [-s] [-E] [-e] [-c] [-d] [-p n] {--} {gpg options...}

DESCRIPTION

       The mimegpg tool signs, encrypts, or decrypts MIME-formatted E-mail messages using GnuPG.  mimegpg does
       not contain any encryption code. It uses the GnuPG utility for all encryption and decryption functions.

       The -s option signs an E-mail message. The -E or the -e option encrypts the E-mail message. Specifying
       both -E/-e and -s encrypts and signs the E-mail message in a single step. The -d option decrypts the
       message. The -c option checks signatures.

       mimegpg works as a filter. It reads an E-mail message from standard input, which must be a MIME-formatted
       message.  mimegpg signs, encrypts, and/or decrypts the message; then writes the encrypted, signed, or
       decrypted MIME message on standard output.

       The standard input to mimegpg must be a MIME E-mail message, with a "Mime Version: 1.0" header - even if
       the message does not contain any attachments. If the message contains any attachments, they are also
       signed and/or encrypted, individually.

       mimegpg automatically runs GnuPG, with the required options.  mimegpg´s options may also be followed by a
       single -- option; any remaining command line options are passed as additional options to GnuPG. The -E/-e
       option usually requires at least one -r GnuPG option, which may be specified in this fashion.

       The -p option specifies a file descriptor that contains any required passphrase. Any other valid GnuPG
       options may follow a double-dash, "--", as long as it makes sense for this operation (note that mimegpg
       automatically adds any GnuPG options that are needed to perform the given operation). The "--no-tty"
       option can be useful when mimegpg is used in a non-interactive mode. As always, secret keys that are
       password-protected secret keys cannot be used in the --no-tty mode, unless the -p option is used.

   SIGNING AND ENCRYPTING MESSAGES
       Use the -s option to sign MIME message content. Use the -E option to encrypt it. Use both options to both
       sign and encrypt. Follow with --, then any other GnuPG options. The -E option will require at least one
       -r GnuPG option.

       The -E option encapsulates the message content and all the attachments into a single encrypted MIME
       object. Some mail software cannot handle encapsulated content. The -e option encrypts each attachment
       separately, without encapsulation.

       If a secret key used for signing is password protected, the prompt to enter the password will be issued
       directly by GnuPG. Note that the -s and the -e (but not -E) options may issue multiple password prompts
       in interactive mode.  mimegpg runs GnuPG multiple times if the MIME message contains attachments. GnuPG
       will be invoked separately for each attachment in the MIME message, and each invocation will prompt for
       any required key password. Note that the initial message headers are not signed and/or encrypted, except
       for the MIME headers themselves. However, any message/rfc822 MIME content - attached messages - are
       encrypted/signed in their entirety, headers and content.

   DECRYPTING AND CHECKING SIGNATURES
       The -d option attempts to decrypt any encrypted content in a MIME message. The -c option attempts to
       verify signatures of any signed content. Both -c and -d can be specified at the same time.  -d looks for
       any multipart/encrypted MIME content, then attempts to decrypt it.  -c looks for any multipart/signed
       MIME content, then attempts to verify the signature.

       The -c and -d options replace the multipart/signed and multipart/encrypted MIME content with a
       multipart/x-mimepgp section, that contains an additional attribute called "xpgpstatus". The value of the
       attribute is set to the exit code of GnuPG. Succesfully decrypting the message and/or verifying the
       signature sets the exit code to 0. A non-zero exit code indicates that the signature could not be
       verified, or the message could not be decrypted.

       The first section in this multipart/x-mimepgp is a text/plain section that contains any messages from
       GnuPG. The second section is any decrypted or signed content.  mimegpg will include the signed content
       even if the signature could not be verified (check xpgpstatus). Encrypted content that could not be
       decrypted will not be included (obviously).

       Note - any existing x-mimegpg MIME section will have its content-type quietly reset to multipart/mixed,
       in order to avoid confusion (except when this is what got decrypted).

SEE ALSO

       reformime(1)[1].

AUTHOR

       Sam Varshavchik
           Author

NOTES

        1. reformime(1)
           [set $man.base.url.for.relative.links]/reformime.html