From: Antoine Beaupré
To: Gregor Zattler, David Edmondson, Jameson Graef Rollins, Gregor Zattler, Notmuch Mail
Subject: Re: Emacs: Crypto: How to get automatic encryption?
Date: Tue, 17 Jan 2012 04:48:36 -0000
X-Original-Date: Mon, 16 Jan 2012 23:48:30 -0500
In-Reply-To: <87d3akppoc.fsf@shi.workgroup>
Message-ID: <87pqejj5nl.fsf@marcos.anarcat.ath.cx>
List-Id: "Use and development of the notmuch mail system."

Jumping in here, I have modified the previously posted code here to
provide me with a more complete solution.

With the attached code, I can:

 * automatically encrypt mails if all recipients have a *valid* public
   key. The previous patch allowed encryption if a key existed but was
   revoked, which caused a weird UX issue where the user would be
   bothered with "No public key for..."

 * not have to specify if I want to encrypt the mail or not: it is
   encrypted if possible

 * try to autodetect (by running the function directly) if the mail
   will be encrypted and signed or just signed before sending

 * explicitly request the mail to be encrypted or just signed, if I
   want to, using the usual keybindings (i.e. the existing #secure tags
   are respected)

So basically, this replaces the common hook:

    (add-hook 'message-setup-hook 'mml-secure-sign-pgpmime)

with this:

    (add-hook 'message-send-hook 'anarcat/message-set-encryption)

The rationale behind this technique is that the setup-hook runs when
recipients are not yet defined so it will always set the mail to be only
signed, even though your final recipients should be encrypted.

An alternative would be for notmuch to prompt for the To: header before
setting up the buffer ("à la" Mutt), but I didn't feel like going that
way.

Code is attached. Obviously, those function names would change if they
were to be integrated into notmuch. ;)

Attachment: notmuch-opportunistic.el (application/emacs-lisp, inline)

;; -*- mode: emacs-lisp; -*-

(require 'notmuch)

(add-hook 'message-send-hook 'anarcat/message-set-encryption)

(defun anarcat/message-set-encryption (&optional force)
  "Automatically set the encryption depending on the recipients.

If run interactively, will overwrite settings, otherwise it will
not touch existing settings, so that this can safely be run in
`message-send-hook'."
  (interactive "p")
  (message-goto-body)
  ;; clear existing settings
  (if (and force (re-search-forward "<#secure [^>]*>\n" nil t))
      (replace-match "" nil nil))
  ;; If we can encrypt, do so, else just sign.
  (if (or force (not (re-search-forward "<#secure [^>]*>\n" nil t)))
      (if (anarcat/message-guess-encryption)
          (insert "<#secure method=pgpmime mode=signencrypt>\n")
        (insert "<#secure method=pgpmime mode=sign>\n"))))

;; http://notmuchmail.org/pipermail/notmuch/2012/007340.html
(defun anarcat/message-guess-encryption ()
  "Return `t' if we have gpg public keys for all recipients of this message."
  (require 'epa-mail)
  ;; Narrow to the headers first: `message-fetch-field' expects that and
  ;; would otherwise also match "To:"/"Cc:" lines in the message body.
  (save-excursion
    (save-restriction
      (message-narrow-to-headers)
      (if (and (not (message-news-p))   ; No encryption for news,
               (or (message-fetch-field "to")
                   (message-fetch-field "cc"))) ; we have to have one address at least
          (catch :exit
            (mapc (lambda (addr)
                    ;; check for a usable key - taken from epa-mail.el
                    (if (not (epa-mail--find-usable-key
                              (epg-list-keys (epg-make-context epa-protocol)
                                             (downcase (mail-strip-quoted-names addr)))
                              'encrypt))
                        (throw :exit nil)))
                  (message-tokenize-header
                   (concat (message-fetch-field "to") ","
                           (message-fetch-field "cc"))))
            t)
        nil))))

Opportunistic encryption, here we go.

a.

-- 
Evil exists to glorify the good. Evil is negative good. It is a
relative term. Evil can be transmuted into good. What is evil to
one at one time, becomes good at another time to somebody else.
                        - Sivananda
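
Added example (not part of the original message, and not notmuch or Emacs code): a per-recipient report showing why the opportunistic check above would fall back to sign-only, so the downgrade is visible before sending. It goes slightly beyond the posted check: it also reads Bcc (on the assumption that those recipients need keys too) and asks GnuPG for an exact <address> match instead of a substring match; every my/ name is hypothetical.

```elisp
;; Added example: names prefixed my/ are hypothetical, not notmuch or Emacs API.
(require 'epg)
(require 'message)
(require 'mail-extr)
(require 'seq)

(defun my/key-can-encrypt-p (key)
  "Return non-nil if KEY has a subkey usable for encryption."
  (seq-some (lambda (sub)
              (and (memq 'encrypt (epg-sub-key-capability sub))
                   (not (memq (epg-sub-key-validity sub)
                              '(revoked expired disabled invalid)))))
            (epg-key-sub-key-list key)))

(defun my/recipient-key-status (context address)
  "Return `usable', `unusable' or `missing' for ADDRESS.
The address is wrapped in angle brackets so that GnuPG matches the
exact e-mail address instead of a substring of the user ID."
  (let ((keys (epg-list-keys context (concat "<" address ">"))))
    (cond ((null keys) 'missing)
          ((seq-some #'my/key-can-encrypt-p keys) 'usable)
          (t 'unusable))))

(defun my/message-recipients ()
  "Return the bare addresses in To, Cc and Bcc of the current draft."
  (save-excursion
    (save-restriction
      ;; Narrow first, so that To:/Cc: lines quoted in the body
      ;; (for example in an inline forward) are not read as recipients.
      (message-narrow-to-headers)
      (let ((fields (delq nil (mapcar #'message-fetch-field
                                      '("to" "cc" "bcc")))))
        (delq nil
              (mapcar (lambda (raw)
                        (cadr (mail-extract-address-components raw)))
                      (message-tokenize-header
                       (mapconcat #'identity fields ","))))))))

(defun my/message-encryption-report ()
  "Show which recipients block opportunistic encryption; return the list."
  (interactive)
  (let* ((context (epg-make-context 'OpenPGP))
         (report (mapcar (lambda (addr)
                           (cons addr (my/recipient-key-status context addr)))
                         (my/message-recipients))))
    (message "%s" (mapconcat (lambda (r) (format "%s: %s" (car r) (cdr r)))
                             report "\n"))
    report))
```

Run M-x my/message-encryption-report in the draft buffer; any recipient reported as missing or unusable is the reason the message would be signed but not encrypted.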