Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help 
MIMEGPG(1)		    Double Precision, Inc.		    MIMEGPG(1)

NAME
       mimegpg - MIME-GPG utility

SYNOPSIS

       mimegpg [-s] [-E] [-e] [-c] [-d]	[-p n] {--} {gpg options...}

DESCRIPTION
       The mimegpg tool	signs, encrypts, or decrypts MIME-formatted E-mail
       messages	using GnuPG.  mimegpg does not contain any encryption code. It
       uses the	GnuPG utility for all encryption and decryption	functions.

       The -s option signs an E-mail message. The -E or	the -e option encrypts
       the E-mail message. Specifying both -E/-e and -s	encrypts and signs the
       E-mail message in a single step.	The -d option decrypts the message.
       The -c option checks signatures.

       mimegpg works as	a filter. It reads an E-mail message from standard
       input, which must be a MIME-formatted message.  mimegpg signs,
       encrypts, and/or	decrypts the message; then writes the encrypted,
       signed, or decrypted MIME message on standard output.

       The standard input to mimegpg must be a MIME E-mail message, with a
       "Mime Version: 1.0" header - even if the	message	does not contain any
       attachments. If the message contains any	attachments, they are also
       signed and/or encrypted,	individually.

       mimegpg automatically runs GnuPG, with the required options.  mimegpg's
       options may also	be followed by a single	-- option; any remaining
       command line options are	passed as additional options to	GnuPG. The
       -E/-e option usually requires at	least one -r GnuPG option, which may
       be specified in this fashion.

       The -p option specifies a file descriptor that contains any required
       passphrase. Any other valid GnuPG options may follow a double-dash,
       "--", as	long as	it makes sense for this	operation (note	that mimegpg
       automatically adds any GnuPG options that are needed to perform the
       given operation). The "--no-tty"	option can be useful when mimegpg is
       used in a non-interactive mode. As always, secret keys that are
       password-protected secret keys cannot be	used in	the --no-tty mode,
       unless the -p option is used.

   SIGNING AND ENCRYPTING MESSAGES
       Use the -s option to sign MIME message content. Use the -E option to
       encrypt it. Use both options to both sign and encrypt. Follow with --,
       then any	other GnuPG options. The -E option will	require	at least one
       -r GnuPG	option.

       The -E option encapsulates the message content and all the attachments
       into a single encrypted MIME object. Some mail software cannot handle
       encapsulated content. The -e option encrypts each attachment
       separately, without encapsulation.

       If a secret key used for	signing	is password protected, the prompt to
       enter the password will be issued directly by GnuPG. Note that the -s
       and the -e (but not -E) options may issue multiple password prompts in
       interactive mode.  mimegpg runs GnuPG multiple times if the MIME
       message contains	attachments. GnuPG will	be invoked separately for each
       attachment in the MIME message, and each	invocation will	prompt for any
       required	key password. Note that	the initial message headers are	not
       signed and/or encrypted,	except for the MIME headers themselves.
       However,	any message/rfc822 MIME	content	- attached messages - are
       encrypted/signed	in their entirety, headers and content.

   DECRYPTING AND CHECKING SIGNATURES
       The -d option attempts to decrypt any encrypted content in a MIME
       message.	The -c option attempts to verify signatures of any signed
       content.	Both -c	and -d can be specified	at the same time.  -d looks
       for any multipart/encrypted MIME	content, then attempts to decrypt it.
       -c looks	for any	multipart/signed MIME content, then attempts to	verify
       the signature.

       The -c and -d options replace the multipart/signed and
       multipart/encrypted MIME	content	with a multipart/x-mimepgp section,
       that contains an	additional attribute called "xpgpstatus". The value of
       the attribute is	set to the exit	code of	GnuPG. Succesfully decrypting
       the message and/or verifying the	signature sets the exit	code to	0. A
       non-zero	exit code indicates that the signature could not be verified,
       or the message could not	be decrypted.

       The first section in this multipart/x-mimepgp is	a text/plain section
       that contains any messages from GnuPG. The second section is any
       decrypted or signed content.  mimegpg will include the signed content
       even if the signature could not be verified (check xpgpstatus).
       Encrypted content that could not	be decrypted will not be included
       (obviously).

       Note - any existing x-mimegpg MIME section will have its	content-type
       quietly reset to	multipart/mixed, in order to avoid confusion (except
       when this is what got decrypted).

SEE ALSO
       reformime(1)[1].

AUTHOR
       Sam Varshavchik
	   Author

NOTES
	1. reformime(1)
	   http://www.courier-mta.org/reformime.html

Courier	Mail Server		  01/22/2022			    MIMEGPG(1)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=mimegpg&sektion=1&manpath=FreeBSD+Ports+14.3.quarterly>

home | help