I'm trying to set up a send-hook so that gpg encryption is enabled when I send to a specific recipient, but if it's sent to other recipients as well, then encryption is disabled. However, send-hooks seem to fire when a particular recipient is anywhere in the recipient list, regardless of who else is present.
Ideally, I'd encrypt if it goes to foo@bar.com
, but not if goes to foo@bar.com, not@this.com, or@whatever.com
. The mutt manual says
When multiple matches occur, [send-hook] commands are executed in the order they are specified in the muttrc.
Hence, I put the following in my muttrc. If mail is sent to foo@bar.com
, then enable autoencrypt. However, if there is a recipient that is not foo@bar.com
, then unset autoencrypt.
send-hook . unset crypt_autoencrypt
send-hook "!~l ~t ^foo@bar\\.com$" "set crypt_autoencrypt"
send-hook "!~l !~t ^foo@bar\\.com$" "unset crypt_autoencrypt"
However, it doesn't seem to work. It seems that send-hooks don't seem to parse each individual recipient separately. Even if I address mail to foo@bar.com, not@this.com
, mutt attempts to encrypt it.
Workaround
I can get around this with a very ugly hack.
send-hook . unset crypt_autoencrypt
send-hook "!~l ~t ^foo@bar\\.com$" "set crypt_autoencrypt"
send-hook "!~l ~t [^r]\\.com$" "unset crypt_autoencrypt"
If I send an email to a .com
address that has a non-r
character preceding, then it won't encrypt. There are obviously lots of …r.com
addresses that aren't foo@bar.com
, so I have to extend the third line as follows.
send-hook "!~l ~t '([^r]\\.com|[^a]r\\.com)$" "unset crypt_autoencrypt"
This also excludes …r.com
addresses with a non-a
character preceding too. I just repeat this sequence a few more times.
The major problem with this is that send-hooks don't seem to fire for cc: addresses, making this whole third line moot if the email is cc:ed to not@this.com
.
Best Answer
In muttrc, use
From
$ man 5 muttrc
This also inspects cc:ed addresses for validity. Unfortunately, as per the second-last paragraph, this overrides many useful settings. For example, I have
set pgp_autoinline = yes
, which is deprecated, but necessary for sending to older clients1, which don't support PGP/MIME.1 For example, Android's K-9 + APG. AFAIK this is the only FOSS Android email client that reads PGP-encrypted email at all, but only in a limited fashion. (EDIT: K-9 + openkeychain now supports PGP/MIME.)