Skip to content
Newer
Older
100644 108 lines (74 sloc) 3.71 KB
c169517 @graudeejs Moved from google code to github... I want privacy, google doesn't offer
authored Dec 14, 2009
1 # -*-muttrc-*-
2 ## The following options are only available if you have
3 ## compiled in S/MIME support
4
5 # If you compiled mutt with support for both PGP and S/MIME, PGP
6 # will be the default method unless the following option is set
7 unset smime_is_default
8
9 # Uncomment this if you don't want to set labels for certificates you add.
10 # unset smime_ask_cert_label
11
12 # Uncomment this if you don't want to check for sender's email address
13 # set smime_dont_check_sender = yes
14
15 # Passphrase expiration
16 set smime_timeout=300
17
18 # Global crypto options -- these affect PGP operations as well.
19 set crypt_autosign = yes
20 set crypt_replyencrypt = yes
21 set crypt_replysign = yes
22 set crypt_replysignencrypted = yes
23 set crypt_verify_sig = yes
24
25 # Section A: Key Management.
26
27 # The (default) keyfile for signing/decrypting. Uncomment the following
28 # line and replace the keyid with your own.
29 set smime_default_key="58c4ec20.0"
30 # Uncomment the following line in addition to the one above, if you want that
31 # all encrypted messages are also encrypted with your default key.
32 set smime_encrypt_self = yes
33
34 # Uncomment to make mutt ask what key to use when trying to decrypt a message.
35 # It will use the default key above (if that was set) else.
36 # unset smime_decrypt_use_default_key
37
38 # Path to a file or directory with trusted certificates
39 set smime_ca_location="~/.smime/ca-bundle.crt"
40
41 # Path to where all known certificates go. (must exist!)
42 set smime_certificates="~/.smime/certificates"
43
44 # Path to where all private keys go. (must exist!)
45 set smime_keys="~/.smime/keys"
46
47 # These are used to extract a certificate from a message.
48 # First generate a PKCS#7 structure from the message.
49 set smime_pk7out_command="openssl smime -verify -in %f -noverify -pk7out"
50
51 # Extract the included certificate(s) from a PKCS#7 structure.
52 set smime_get_cert_command="openssl pkcs7 -print_certs -in %f"
53
54 # Extract the signer's certificate only from a S/MIME signature (sender verification)
55 set smime_get_signer_cert_command="openssl smime -verify -in %f -noverify -signer %c -out /dev/null"
56
57 # This is used to get the email address the certificate was issued to.
58 set smime_get_cert_email_command="openssl x509 -in %f -noout -email"
59
60 # Add a certificate to the database using smime_keys.
61 set smime_import_cert_command="smime_keys add_cert %f"
62
63
64
65 # Sction B: Outgoing messages
66
67 # Algorithm to use for encryption.
68 # valid choices are rc2-40, rc2-64, rc2-128, des, des3
69 #set smime_encrypt_with="des3"
70 set smime_encrypt_with="aes256"
71
72 # Encrypt a message. Input file is a MIME entity.
73 set smime_encrypt_command="openssl smime -encrypt -%a -outform DER -in %f %c"
74
75 # Sign.
76 set smime_sign_command="openssl smime -sign -signer %c -inkey %k -passin stdin -in %f -certfile %i -outform DER"
77
78
79
80 #Section C: Incoming messages
81
82 # Decrypt a message. Output is a MIME entity.
83 set smime_decrypt_command="openssl smime -decrypt -passin stdin -inform DER -in %f -inkey %k -recip %c"
84
85 # Verify a signature of type multipart/signed
86 set smime_verify_command="openssl smime -verify -inform DER -in %s %C -content %f"
87
88 # Verify a signature of type application/x-pkcs7-mime
89 set smime_verify_opaque_command="\
90 openssl smime -verify -inform DER -in %s %C || \
91 openssl smime -verify -inform DER -in %s -noverify 2>/dev/null"
92
93
94
95 # Section D: Alternatives
96
97 # Sign. If you wish to NOT include the certificate your CA used in signing
98 # your public key, use this command instead.
99 # set smime_sign_command="openssl smime -sign -signer %c -inkey %k -passin stdin -in %f -outform DER"
100 #
101 # In order to verify the signature only and skip checking the certificate chain:
102 #
103 # set smime_verify_command="openssl smime -verify -inform DER -in %s -content %f -noverify"
104 # set smime_verify_opaque_command="openssl smime -verify -inform DER -in %s -noverify"
105 #
7df2b61 add vim modeline
Aldis Berjoza authored Nov 12, 2010
106
bf35eb4 @graudeejs Update
authored May 20, 2012
107 # vim: set ft=muttrc:
Something went wrong with that request. Please try again.