PGP Encryption and MIAB?

:astonished: Are you saying that the title of this post, PGP encryption and MIAB? (emphasis on the question mark) does not provide any indication of what I am trying to understand?

Update

JoshData commented on May 19, 2016
Closing because it was a fun idea but it seems like no one will get around to this any time soon.

martindale commented on May 20, 2016
Please re-open this issue, as it remains a requirement for the project. Move it to another milestone if you must (propose: “Backlog”), but definitely do not close it just because someone isn’t getting to it soon.

JoshData commented on May 20, 2016
as it remains a requirement for the project
I don’t know what that even means. If it’s a requirement you have for a mail server, then this project won’t meet your needs.

martindale commented on May 20, 2016
Then close the issue as “out of scope”, and be clear about that to your community so they can find solutions that meet their needs. “no one will get around to this” is a poor explanation that you do not view this as an important feature and are removing it from the list of things other contributors can do for you.

As for the context of the issue itself, deploying a mail server without end-to-end encryption is irresponsible in the post-Snowden era. You would be doing a serious disservice to your users by even allowing unencrypted configurations, let alone explicitly removing them from your product backlog.

@JoshData I suspect this issue of end-to-end encryption will continue to crop up until a compromise is found.

Take it easy. We’re all trying to help. If it appears otherwise, it’s a misunderstanding. There are a lot of threads here and on github and it is hard to keep track of what everything is about.

1 Like

Mail-in-a-Box doesn’t support PGP encryption out of the box and modifying the box is discouraged because it makes getting help much harder. No one is currently working on adding PGP encryption.

It’s of course possible, if you build the PGP integration yourself – but again that’s discouraged. Unless you’re prepared to walk through the process of adding a new feature to Mail-in-a-Box for everyone.

Thank you for your response, @JoshData

What are the steps for adding a new feature? I am not so technically minded, but I do enjoy learning about how to build new products.

Some work was done here. That is work on implementing the enigma plugin in round cube. That works looks stalled because of php7 support. Which might change if we implement nextcloud 12.

Working towards universal PGP support where the server encrypts and decrypts (so the box holds the keys) wouldn’t be my favourite way of implementing this.

To be quite honest, I wouldn’t use the enigma plugin either. I think PGP should be a client side tool because you don’t trust the transport layer. But that just depends on your threat level I guess. I sign my email using s/mime. Which works by default in most clients. As @joshdata mentions in the PR/Issue I referenced he is willing to accept a well tested PR.

Let’s continue the discussion in whichever issue or pull request on github is closest to this topic.

I was happy to let this discussion close, however, based on a message I just received, it appears that the issue of my posts remains open.

pxl1h
Hi,
I saw your comments from today and yesterday you made in the discussion forum.
I want to remind you with this message that the discussion forum has a code of conduct [0].
Please be friendly to others and avoid unwelcoming and excluding language.
Thanks :smile:
pxl

I am beginning to feel as if the forum is more of a cult than a place to discuss matters openly.

I realize things got off to a bad start in another thread last night, but our expectations of conduct still apply even if you think you were wronged by someone else. So I’d ask that you take a break, mentally reset, and resume this conversation when you’re able to assume good intentions on the part of others in our community. If you can’t do that, I think you’ll find that folks will stop taking time out of their days to try to help you.

1 Like

I think there is some confusion here on multiple levels.

1.) I think you will find that the majority of questions I have posted I have either resolved myself, or contributed significantly to resolving. I post the questions more as a reminder should I encounter the same error again, I would know what to do; and, secondly to help others. To suggest I am in some way ungrateful is just too much.

2.) I am not a member in the typical sense of being a community member. I am effectively a customer who sees no viable way to access support outside of this community.

3.) If you, Josh, as the creator of Mail in a Box, feel in ANY WAY SHAPE or FORM that my posts are unwanted or unnecessary, say the word and I will happily cancel this account.

If you, Josh, as the creator of Mail in a Box, feel in ANY WAY SHAPE or FORM that my posts are unwanted or unnecessary, say the word and I will happily cancel this account.

I’ve already told you that flagging messages as you did is unwanted. Calling our community a cult is also unwanted. Besides that you are most welcome to continue to participate here, as is anyone who stays within the bounds of the code of conduct. If you have any questions about what is wanted or unwanted, feel free to ask me here or privately.

Ok, so here is the thing.

I flagged messages that were not adding to the linked discussion (see earlier post for a more detailed explanation, if you are really that interested).

You are behaving like a cult when you attempt to stifle criticism against one party without acknowledging the overall context.

Essentially, I am saying that you are biased in your criticisms, which is nothing to be proud of.

If you have any questions about what I have just written, feel free to ask me here or privately.

Hi, new to MIAB - thanks for the contribution. I’m wondering if it has PGP support now?

You can use PGP encryption with your mail client, like Outlook or Thunderbird, but I don’t think there’s anything bundled with Roundcube in MIAB as it stands (so nothing for the web portal).

Thanks for the info, I use enigmail for Thunderbird and k9 on m Droid. Sad to hear that years later MIAB still didn’t add support

@deaftone I’m a bit confused what you are sad about…what do you want MIAB to provide? PGP encryption and decryption is done at the extreme ends of the email process i.e. in the senders MUA (Thunderbird, Outlook etc) and then again in the recipients MUA. At all points in between the message body is in an encrypted form - this true whether the message is in transit down an ethernet cable or stored on disk in the server.

Look at a raw email message that has been encrypted with PGP (on TBird in the top right corner of the message pane go More -> View Source) and you will see that the message body is encrypted (but obviously not the headers). This is exactly what the message looks like when stored on the server.

Bottom line = there is nothing any mail server needs to do for users to use PGP.

I’m going to be a bit blunt here so try to follow. It’s sad to see that this didn’t get any traction over the course of over 2 years. I don’t need you to school me on how to view headers, what PGP encrypted data looks like, or how it functions, considering I already stated that I actively use it. Yeah, I know I can use it in MUA’s such as tbird, k9, etc, like I already mentioned. What I want is server-side PGP support in Roundcube, which has been available since v1.2.0, released back in May 2016.

And you can do it, it’s just considered an unsupported modification. You’re also more than welcome to use a separate instance of Roundcube to which you have full administrative control to achieve your goal. BE BOLD AND GO NUTS.

And maybe it’s just me, but I suspect the best way to have an idea “gain traction” on a pretty actively and well maintained project such as MIAB is probably not by dredging up a 2 year old post pining away for a feature that hasn’t been added.

Bear in mind that sometimes answers are written not just for the person asking the question…there are many new, inexperienced linux users on the forum and they all benefit from explicit step-by-step instructions.

If this is a feature you really want, you could try starting a constructive discussion to drum up support and/or you could submit a PR. If that fails then you could maintain and apply your own custom patch.

Thanks. I already moved on/past MIAB to a custom solution where I don’t have to worry about updates clobbering my changes. It just goes to show that dev on this project is … meh. more power to y’all :wink: