This trick is a fairly simple one; as always, we have to give credit to mutt, a text-based mail client that "just sucks less", for its outstanding capabilities and powerful customizations.
Mutt has built-in PGP support (for example with gpg) to decode and send signed and/or encrypted emails. Why not sign all outgoing email?
Well, truth is, most of the people are non-techie, and their e-mail client will probably show a PGP signature as an attachment (the infamous
signature.asc), which can get confusing.
But I feel mail with attachments are a different story: signing attachments brings both integrity checks and a guarantee that nobody will be fooled with a spoofed e-mail with some kind of virus or scam.
First, we'll want to prepare our
.muttrc with information on when signing or encrypting and what key to choose when signing. This is my case:
set crypt_replyencrypt # Encrypt replies on encrypted mail set crypt_replysign # Sign replies on signed mail set crypt_replysignencrypted # Sign replies on encrypted mail set pgp_sign_as="0x3A5472C3" # Set which key to use when signing
Then, we're about to set the following macro whenever we want to attach a file to an outgoing mail (default keybinding:
'a'). First set the PGP sign flag on, then attach a file:
macro compose a "<pgp-menu>s<attach-file>"
As a final touch, I'd put some more information about signing emails in my
.signature file to be included in outgoing emails, and a nicely hidden to the masses header to point to my public key, even on non-signed e-mails:
set signature="~/.signature" my_hdr X-PGP-Key: https://m7i.org/include/resources/m7i.asc