Skip to content

Instantly share code, notes, and snippets.

@syncom

syncom/mutt-with-gmail-gpg-macosx.md

Last active January 30, 2025 05:47
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save syncom/6b77792adb59ccdaa5d36b30273abc33 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save syncom/6b77792adb59ccdaa5d36b30273abc33 to your computer and use it in GitHub Desktop.
Download ZIP

Revisions

  1. syncom revised this gist Nov 26, 2024. No changes.
  2. syncom revised this gist Nov 26, 2024. 1 changed file with 4 additions and 3 deletions.
    7 changes: 4 additions & 3 deletions mutt-with-gmail-gpg-macosx.md
    View file
    Original file line number Diff line number Diff line change
    @@ -12,11 +12,12 @@ The software versions used in this note are:

    - macOS Catalina (version 10.15.4)
    - Mutt 1.13.5 (installed with `brew install mutt`) or NeoMutt 20200320
    (installed with `brew install neomutt`)
    - gpg (GnuPG) 2.2.20, libcrypt 1.8.5 (installed with `brew install gnupg`)
    (installed with `brew install neomutt`)
    - gpg (GnuPG) 2.2.20, libcrypt 1.8.5 (installed with `brew install gnupg`),
    with a pinentry program properly installed and configured

    In the rest of the document, we will use Mutt as an example. The
    configurations for Mutt and NeoMutt are identical.
    configurations for `Mutt` and `NeoMutt` are identical.

    ## Configure Gmail for each account

  3. syncom revised this gist Oct 2, 2023. 1 changed file with 0 additions and 1 deletion.
    1 change: 0 additions & 1 deletion mutt-with-gmail-gpg-macosx.md
    View file
    Original file line number Diff line number Diff line change
    @@ -140,7 +140,6 @@ sure they contain the desired values for `my_GID`, `hostname`, `realname`, and
    set folder = "imaps://imap.gmail.com:993"
    set smtp_url = "smtps://[email protected]:465/"
    set smtp_authenticators = 'gssapi:login'
    set imap_user = [email protected]
    set spoolfile = "+INBOX"
    set trash = "+Trash"
  4. syncom revised this gist Aug 17, 2022. 1 changed file with 8 additions and 5 deletions.
    13 changes: 8 additions & 5 deletions mutt-with-gmail-gpg-macosx.md
    View file
    Original file line number Diff line number Diff line change
    @@ -2,8 +2,9 @@

    This note describes how to set up the [Mutt](http://www.mutt.org/) or
    [NeoMutt](https://neomutt.org/) email client to work for Gmail and
    GnuPG, for two Gmail accounts. The configuration should work for
    both macOS and Linux.
    GnuPG, for two Gmail accounts. The method can be trivially extended to
    more than two accounts. The configuration should work for both macOS
    and Linux.

    ## Software versions

    @@ -76,8 +77,8 @@ for `username2`)

    4. Account-specific configuration files `~/.mutt/username1.rc` and
    `~/.mutt/username2.rc`. You need to manually tweak these files to make
    sure they contain the desired values for `my_GID`, `hostname` and
    `realname`.
    sure they contain the desired values for `my_GID`, `hostname`, `realname`, and
    `from`.

    ```text
    # username1.rc
    @@ -86,6 +87,7 @@ sure they contain the desired values for `my_GID`, `hostname` and
    # Use a fake hostname so Message-ID header does not leak info
    set hostname = fake-hostname1
    set realname = "First1 Last1"
    set from = [email protected]
    # Load common configurations
    source ~/.mutt/common.rc
    @@ -99,6 +101,8 @@ sure they contain the desired values for `my_GID`, `hostname` and
    # Use a fake hostname so Message-ID header does not leak info
    set hostname = fake-hostname2
    set realname = "First2 Last2"
    # Change 'from' when, say, you want to use another address backed by Gmail
    set from = [email protected]
    # Load common configurations
    source ~/.mutt/common.rc
    @@ -131,7 +135,6 @@ sure they contain the desired values for `my_GID`, `hostname` and
    ############################
    # Timeout
    set pgp_timeout = 1800
    set from = [email protected]
    set use_from = yes
    set envelope_from = yes
  5. syncom revised this gist Jun 1, 2022. 1 changed file with 1 addition and 1 deletion.
    2 changes: 1 addition & 1 deletion mutt-with-gmail-gpg-macosx.md
    View file
    Original file line number Diff line number Diff line change
    @@ -136,7 +136,7 @@ sure they contain the desired values for `my_GID`, `hostname` and
    set envelope_from = yes
    set folder = "imaps://imap.gmail.com:993"
    set smtp_url = "smtps://[email protected]:465/
    set smtp_url = "smtps://[email protected]:465/"
    set smtp_authenticators = 'gssapi:login'
    set imap_user = [email protected]
    set spoolfile = "+INBOX"
  6. syncom revised this gist May 23, 2022. 1 changed file with 98 additions and 47 deletions.
    145 changes: 98 additions & 47 deletions mutt-with-gmail-gpg-macosx.md
    View file
    Original file line number Diff line number Diff line change
    @@ -1,8 +1,9 @@
    # Mutt (or NeoMutt) with Gmail and GPG on Mac OS X
    # Mutt (or NeoMutt) with Gmail and GPG, Mutiple Accounts

    This note describes how to set up the [Mutt](http://www.mutt.org/) or
    [NeoMutt](https://neomutt.org/) email client on Mac OS X to work for
    Gmail and GnuPG.
    [NeoMutt](https://neomutt.org/) email client to work for Gmail and
    GnuPG, for two Gmail accounts. The configuration should work for
    both macOS and Linux.

    ## Software versions

    @@ -16,7 +17,7 @@ The software versions used in this note are:
    In the rest of the document, we will use Mutt as an example. The
    configurations for Mutt and NeoMutt are identical.

    ## Configure Gmail
    ## Configure Gmail for each account

    Sign in with the Google/Gmail account, and follow the instructions
    provided in Google support page [Sign in using App
    @@ -29,96 +30,146 @@ the generated app password for Mutt configuration later.
    ## Configure Mutt

    1. Create directory `.mutt` in your home directory, and the following
    files in `~/.mutt/`: `muttrc`, `gpg.rc`, `app-password.gpg`, `mailcap`
    files in `~/.mutt/`:

    2. GPG encrypt the app password setting, and save the encrypted text in
    file `~/.mutt/app-password.gpg`, as follows
    ```text
    .mutt
    ├── common.rc
    ├── mailcap
    ├── muttrc
    ├── username1.app-password.gpg
    ├── username2.app-password.gpg
    ├── username1.rc
    └── username2.rc
    ```

    2. GPG encrypt the account's app password setting, and save the
    encrypted text in file `~/.mutt/<username>.app-password.gpg`, where
    `<username>` is the Gmail username for the account (`username1` or
    `username2` in this demo), as follows

    ```bash
    gpg --recipient <username>@gmail.com --encrypt --armor > app-password.gpg
    gpg --recipient <username>@gmail.com --encrypt --armor > <username>.app-password.gpg
    ```

    In console window, manually enter the following information (`^D` is the key combination `Ctrl-d`)

    ```bash
    set imap_pass = <app password>
    set smtp_pass = <app password>
    set imap_pass = <app password for username>
    set smtp_pass = <app password for username>
    ^D
    ```

    3. Configure GPG setting. Add the following content in `~/.mutt/gpg.rc`
    3. Configure Mutt's main configuration file. Add the following content
    to `~/.mutt/muttrc` to set up key bindings (`F2` for `username1`, `F3`
    for `username2`)

    ```text
    # muttrc
    # Default account
    source ~/.mutt/username1.rc
    # Macros for switching accounts
    macro index <f2> '<sync-mailbox><enter-command>source ~/.mutt/username1.rc<enter><change-folder>!<enter>'
    macro index <f3> '<sync-mailbox><enter-command>source ~/.mutt/username2.rc<enter><change-folder>!<enter>'
    ```

    4. Account-specific configuration files `~/.mutt/username1.rc` and
    `~/.mutt/username2.rc`. You need to manually tweak these files to make
    sure they contain the desired values for `my_GID`, `hostname` and
    `realname`.

    ```text
    # username1.rc
    # Gmail user ID. User variable in Mutt must start with "my"
    set my_GID = "username1"
    # Use a fake hostname so Message-ID header does not leak info
    set hostname = fake-hostname1
    set realname = "First1 Last1"
    # Load common configurations
    source ~/.mutt/common.rc
    ```

    ```text
    # username2.rc
    # Gmail user ID. User variable in Mutt must start with "my"
    # CHANGEME
    set my_GID = "username2"
    # Use a fake hostname so Message-ID header does not leak info
    set hostname = fake-hostname2
    set realname = "First2 Last2"
    # Load common configurations
    source ~/.mutt/common.rc
    ```

    5. The remaining configuration files are common for all accounts.

    ```text
    # MUTT GPG configuration
    # common.rc
    # Common configurations
    # For a full list a configuration variables, see
    # https://muttmua.gitlab.io/mutt/manual-dev.html#variables
    ############################
    # GPG configuration
    ############################
    # Load gpg encrypted IMAP and SMTP app passwords
    source "gpg --decrypt ~/.mutt/$my_GID.app-password.gpg |"
    # Use GPGME
    set crypt_use_gpgme = yes
    # Don't sign, so I'm not legally liable to what I say in encrypted email
    # Don't sign, so I'm not legally liable to what I say in encrypted email
    set crypt_autosign = no
    # Encrypt replies to PGP emails by default
    set crypt_replyencrypt = yes
    ############################
    # Mail configuration
    ############################
    # Timeout
    set pgp_timeout = 1800
    ```

    4. Configure Mutt's main configuration file. Add the following content
    to `~/.mutt/muttrc`

    ```text
    # Load configurations
    source ~/.mutt/gpg.rc
    # Load gpg encrypted IMAP and SMTP app passwords
    source "gpg --decrypt ~/.mutt/app-password.gpg |"
    # For a full list a configuration variables, see
    # https://muttmua.gitlab.io/mutt/manual-dev.html#variables
    # Use a fake hostname so Message-ID header does not leak info
    set hostname = fake-hostname
    set realname = "Real Name"
    set from = <username>@gmail.com
    set from = [email protected]
    set use_from = yes
    set envelope_from = yes
    set folder = "imaps://imap.gmail.com:993"
    set smtp_url = "smtps://<username>@smtp.gmail.com:465/
    set smtp_url = "smtps://$my_GID@smtp.gmail.com:465/
    set smtp_authenticators = 'gssapi:login'
    set imap_user = <username>@gmail.com
    set imap_user = $my_GID@gmail.com
    set spoolfile = "+INBOX"
    set trash = "+Trash"
    # SSL hardening
    set ssl_force_tls = yes
    set ssl_starttls = yes
    set ssl_use_sslv2 = no
    set ssl_use_sslv3 = no
    set ssl_use_tlsv1 = no
    #set ssl_use_sslv2 = no
    #set ssl_use_sslv3 = no
    #set ssl_use_tlsv1 = no
    set ssl_use_tlsv1_1 = no
    set ssl_use_tlsv1_2 = yes
    set ssl_use_tlsv1_3 = yes
    #set ssl_use_tlsv1_3 = yes
    set ssl_verify_dates = yes
    set ssl_verify_host = yes
    set ssl_usesystemcerts = yes
    #set ssl_usesystemcerts = yes
    # html email
    set mailcap_path = ~/.mutt/mailcap
    auto_view text/html # view html automatically
    alternative_order text/plain text/enriched text/html # save html for last
    # G to get mail
    bind index G imap-fetch-mail
    set editor = "vim"
    set charset = "utf-8"
    set record = ''
    ```

    Add the following content to `~/.mutt/mailcap`

    ```text
    # mailcap.rc
    # On Debian: apt install w3m w3m-img
    text/html; \
    w3m -I %{charset} -T text/html; copiousoutput;
    w3m -I %{charset} -T text/html; copiousoutput;
    ```
  7. syncom revised this gist May 21, 2022. 1 changed file with 9 additions and 1 deletion.
    10 changes: 9 additions & 1 deletion mutt-with-gmail-gpg-macosx.md
    View file
    Original file line number Diff line number Diff line change
    @@ -29,7 +29,7 @@ the generated app password for Mutt configuration later.
    ## Configure Mutt

    1. Create directory `.mutt` in your home directory, and the following
    files in `~/.mutt/`: `muttrc`, `gpg.rc`, `app-password.gpg`.
    files in `~/.mutt/`: `muttrc`, `gpg.rc`, `app-password.gpg`, `mailcap`

    2. GPG encrypt the app password setting, and save the encrypted text in
    file `~/.mutt/app-password.gpg`, as follows
    @@ -114,3 +114,11 @@ to `~/.mutt/muttrc`
    set charset = "utf-8"
    set record = ''
    ```

    Add the following content to `~/.mutt/mailcap`

    ```text
    # On Debian: apt install w3m w3m-img
    text/html; \
    w3m -I %{charset} -T text/html; copiousoutput;
    ```
  8. syncom revised this gist May 16, 2022. 1 changed file with 21 additions and 14 deletions.
    35 changes: 21 additions & 14 deletions mutt-with-gmail-gpg-macosx.md
    View file
    Original file line number Diff line number Diff line change
    @@ -1,10 +1,11 @@
    # Mutt (or NeoMutt) with Gmail and GPG on Mac OS X

    This note describes how to set up the [Mutt](http://www.mutt.org/) or
    [NeoMutt](https://neomutt.org/) email client on Mac OS X to work for Gmail
    and GnuPG.
    [NeoMutt](https://neomutt.org/) email client on Mac OS X to work for
    Gmail and GnuPG.

    ## Software versions

    The software versions used in this note are:

    - macOS Catalina (version 10.15.4)
    @@ -16,30 +17,35 @@ In the rest of the document, we will use Mutt as an example. The
    configurations for Mutt and NeoMutt are identical.

    ## Configure Gmail
    Sign in with the Google/Gmail account, and follow the instructions provided
    in Google support page [Sign in using App Passwords](gpg (GnuPG) 2.2.20 to
    obtain an app password dedicated for Mutt). You will need to first enable

    Sign in with the Google/Gmail account, and follow the instructions
    provided in Google support page [Sign in using App
    Passwords](https://support.google.com/accounts/answer/185833) to obtain
    an app password dedicated for Mutt). You will need to first enable
    "2-step authentication" for your Google account if it has not been done.
    Select the app and devices as "Mail" and "Mac", respectively. Write down the
    generated app password for Mutt configuration later.
    Select the app and devices as "Mail" and "Mac", respectively. Write down
    the generated app password for Mutt configuration later.

    ## Configure Mutt

    1. Create directory `.mutt` in your home directory, and the following files in
    `~/.mutt/`: `muttrc`, `gpg.rc`, `app-password.gpg`.
    2. GPG encrypt the app password setting, and save the encrypted text in file
    `~/.mutt/app-password.gpg`, as follows
    1. Create directory `.mutt` in your home directory, and the following
    files in `~/.mutt/`: `muttrc`, `gpg.rc`, `app-password.gpg`.

    2. GPG encrypt the app password setting, and save the encrypted text in
    file `~/.mutt/app-password.gpg`, as follows

    ```bash
    gpg --recipient <username>@gmail.com --encrypt --armor > app-password.gpg
    ```

    In console window, manually enter the following information (`^D` is the key combination `Ctrl-d`)

    ```bash
    set imap_pass = <app password>
    set smtp_pass = <app password>
    ^D
    ```

    3. Configure GPG setting. Add the following content in `~/.mutt/gpg.rc`

    ```text
    @@ -56,8 +62,9 @@ generated app password for Mutt configuration later.
    # Timeout
    set pgp_timeout = 1800
    ```
    4. Configure Mutt's main configuration file. Add the following content to
    `~/.mutt/muttrc`

    4. Configure Mutt's main configuration file. Add the following content
    to `~/.mutt/muttrc`

    ```text
    # Load configurations
    @@ -106,4 +113,4 @@ generated app password for Mutt configuration later.
    set editor = "vim"
    set charset = "utf-8"
    set record = ''
    ```
    ```
  9. syncom revised this gist Apr 10, 2020. 1 changed file with 5 additions and 0 deletions.
    5 changes: 5 additions & 0 deletions mutt-with-gmail-gpg-macosx.md
    View file
    Original file line number Diff line number Diff line change
    @@ -95,6 +95,11 @@ generated app password for Mutt configuration later.
    set ssl_verify_dates = yes
    set ssl_verify_host = yes
    set ssl_usesystemcerts = yes
    # html email
    set mailcap_path = ~/.mutt/mailcap
    auto_view text/html # view html automatically
    alternative_order text/plain text/enriched text/html # save html for last
    # G to get mail
    bind index G imap-fetch-mail
  10. syncom revised this gist Apr 6, 2020. 1 changed file with 17 additions and 7 deletions.
    24 changes: 17 additions & 7 deletions mutt-with-gmail-gpg-macosx.md
    View file
    Original file line number Diff line number Diff line change
    @@ -1,26 +1,31 @@
    # Mutt with Gmail and GPG on Mac OS X
    # Mutt (or NeoMutt) with Gmail and GPG on Mac OS X

    This note describes how to set up the [Mutt](http://www.mutt.org/) email
    client on Mac OS X to work for Gmail and GnuPG.
    This note describes how to set up the [Mutt](http://www.mutt.org/) or
    [NeoMutt](https://neomutt.org/) email client on Mac OS X to work for Gmail
    and GnuPG.

    ## Software versions
    The software versions used in this note are:

    - macOS Catalina (version 10.15.4)
    - Mutt 1.13.5 (installed with `brew install mutt`)
    - Mutt 1.13.5 (installed with `brew install mutt`) or NeoMutt 20200320
    (installed with `brew install neomutt`)
    - gpg (GnuPG) 2.2.20, libcrypt 1.8.5 (installed with `brew install gnupg`)

    In the rest of the document, we will use Mutt as an example. The
    configurations for Mutt and NeoMutt are identical.

    ## Configure Gmail
    Sign in with the Google/Gmail account, and follow the instructions provided
    in Google support page [Sign in using App Passwords](gpg (GnuPG) 2.2.20 to
    obtain an app password dedicated for Mutt). You will need to first engable
    obtain an app password dedicated for Mutt). You will need to first enable
    "2-step authentication" for your Google account if it has not been done.
    Select the app and devices as "Mail" and "Mac", respectively. Write down the
    generated app password for Mutt configuration later.

    ## Configure Mutt

    1. Create directoy `.mutt` in your home directory, and the following files in
    1. Create directory `.mutt` in your home directory, and the following files in
    `~/.mutt/`: `muttrc`, `gpg.rc`, `app-password.gpg`.
    2. GPG encrypt the app password setting, and save the encrypted text in file
    `~/.mutt/app-password.gpg`, as follows
    @@ -61,7 +66,12 @@ generated app password for Mutt configuration later.
    # Load gpg encrypted IMAP and SMTP app passwords
    source "gpg --decrypt ~/.mutt/app-password.gpg |"
    set realname = "Ning Shang"
    # For a full list a configuration variables, see
    # https://muttmua.gitlab.io/mutt/manual-dev.html#variables
    # Use a fake hostname so Message-ID header does not leak info
    set hostname = fake-hostname
    set realname = "Real Name"
    set from = <username>@gmail.com
    set use_from = yes
    set envelope_from = yes
  11. syncom revised this gist Apr 6, 2020. 1 changed file with 14 additions and 5 deletions.
    19 changes: 14 additions & 5 deletions mutt-with-gmail-gpg-macosx.md
    View file
    Original file line number Diff line number Diff line change
    @@ -1,6 +1,7 @@
    # Mutt with Gmail and GPG on Mac OS X

    This note describes how to set up the [Mutt](http://www.mutt.org/) email client on Mac OS X to work for Gmail and GnuPG.
    This note describes how to set up the [Mutt](http://www.mutt.org/) email
    client on Mac OS X to work for Gmail and GnuPG.

    ## Software versions
    The software versions used in this note are:
    @@ -10,12 +11,19 @@ The software versions used in this note are:
    - gpg (GnuPG) 2.2.20, libcrypt 1.8.5 (installed with `brew install gnupg`)

    ## Configure Gmail
    Sign in with the Google/Gmail account, and follow the instructions provided in Google support page [Sign in using App Passwords](gpg (GnuPG) 2.2.20 to obtain an app password dedicated for Mutt). You will need to first engable "2-step authentication" for your Google account if it has not been done. Select the app and devices as "Mail" and "Mac", respectively. Write down the generated app password for Mutt configuration later.
    Sign in with the Google/Gmail account, and follow the instructions provided
    in Google support page [Sign in using App Passwords](gpg (GnuPG) 2.2.20 to
    obtain an app password dedicated for Mutt). You will need to first engable
    "2-step authentication" for your Google account if it has not been done.
    Select the app and devices as "Mail" and "Mac", respectively. Write down the
    generated app password for Mutt configuration later.

    ## Configure Mutt

    1. Create directoy `.mutt` in your home directory, and the following files in `~/.mutt/`: `muttrc`, `gpg.rc`, `app-password.gpg`.
    2. GPG encrypt the app password setting, and save the encrypted text in file `~/.mutt/app-password.gpg`, as follows
    1. Create directoy `.mutt` in your home directory, and the following files in
    `~/.mutt/`: `muttrc`, `gpg.rc`, `app-password.gpg`.
    2. GPG encrypt the app password setting, and save the encrypted text in file
    `~/.mutt/app-password.gpg`, as follows

    ```bash
    gpg --recipient <username>@gmail.com --encrypt --armor > app-password.gpg
    @@ -43,7 +51,8 @@ Sign in with the Google/Gmail account, and follow the instructions provided in G
    # Timeout
    set pgp_timeout = 1800
    ```
    4. Configure Mutt's main configuration file. Add the following content to `~/.mutt/muttrc`
    4. Configure Mutt's main configuration file. Add the following content to
    `~/.mutt/muttrc`

    ```text
    # Load configurations
  12. syncom revised this gist Apr 6, 2020. 1 changed file with 62 additions and 48 deletions.
    110 changes: 62 additions & 48 deletions mutt-with-gmail-gpg-macosx.md
    View file
    Original file line number Diff line number Diff line change
    @@ -16,56 +16,70 @@ Sign in with the Google/Gmail account, and follow the instructions provided in G

    1. Create directoy `.mutt` in your home directory, and the following files in `~/.mutt/`: `muttrc`, `gpg.rc`, `app-password.gpg`.
    2. GPG encrypt the app password setting, and save the encrypted text in file `~/.mutt/app-password.gpg`, as follows
    ```bash
    gpg --recipient <username>@gmail.com --encrypt --armor > app-password.gpg
    ```
    In console window, manually enter the following information (`^D` is the key combination `Ctrl-d`)

    ```bash
    gpg --recipient <username>@gmail.com --encrypt --armor > app-password.gpg
    ```
    In console window, manually enter the following information (`^D` is the key combination `Ctrl-d`)

    ```bash
    set imap_pass = <app password>
    set smtp_pass = <app password>
    ^D
    ```
    ```bash
    set imap_pass = <app password>
    set smtp_pass = <app password>
    ^D
    ```
    3. Configure GPG setting. Add the following content in `~/.mutt/gpg.rc`

    ```text
    # MUTT GPG configuration
    # Use GPGME
    set crypt_use_gpgme = yes
    # Don't sign, so I'm not legally liable to what I say in encrypted email
    set crypt_autosign = no
    # Encrypt replies to PGP emails by default
    set crypt_replyencrypt = yes
    # Timeout
    set pgp_timeout = 1800
    ```
    ```text
    # MUTT GPG configuration
    # Use GPGME
    set crypt_use_gpgme = yes
    # Don't sign, so I'm not legally liable to what I say in encrypted email
    set crypt_autosign = no
    # Encrypt replies to PGP emails by default
    set crypt_replyencrypt = yes
    # Timeout
    set pgp_timeout = 1800
    ```
    4. Configure Mutt's main configuration file. Add the following content to `~/.mutt/muttrc`
    ```text
    # Load configurations
    source ~/.mutt/gpg.rc
    # Load gpg encrypted IMAP and SMTP app passwords
    source "gpg --decrypt ~/.mutt/app-password.gpg |"
    set realname = "Ning Shang"
    set from = <username>@gmail.com
    set use_from = yes
    set envelope_from = yes
    set folder = "imaps://imap.gmail.com:993"
    set smtp_url = "smtps://<username>@smtp.gmail.com:465/
    set smtp_authenticators = 'gssapi:login'
    set imap_user = <username>@gmail.com
    set spoolfile = "+INBOX"
    set trash = "+Trash"
    set ssl_force_tls = yes

    ```text
    # Load configurations
    source ~/.mutt/gpg.rc
    # Load gpg encrypted IMAP and SMTP app passwords
    source "gpg --decrypt ~/.mutt/app-password.gpg |"
    set realname = "Ning Shang"
    set from = <username>@gmail.com
    set use_from = yes
    set envelope_from = yes
    # G to get mail
    bind index G imap-fetch-mail
    set editor = "vim"
    set charset = "utf-8"
    set record = ''
    ```
    set folder = "imaps://imap.gmail.com:993"
    set smtp_url = "smtps://<username>@smtp.gmail.com:465/
    set smtp_authenticators = 'gssapi:login'
    set imap_user = <username>@gmail.com
    set spoolfile = "+INBOX"
    set trash = "+Trash"
    # SSL hardening
    set ssl_force_tls = yes
    set ssl_starttls = yes
    set ssl_use_sslv2 = no
    set ssl_use_sslv3 = no
    set ssl_use_tlsv1 = no
    set ssl_use_tlsv1_1 = no
    set ssl_use_tlsv1_2 = yes
    set ssl_use_tlsv1_3 = yes
    set ssl_verify_dates = yes
    set ssl_verify_host = yes
    set ssl_usesystemcerts = yes
    # G to get mail
    bind index G imap-fetch-mail
    set editor = "vim"
    set charset = "utf-8"
    set record = ''
    ```
  13. syncom created this gist Apr 5, 2020.
    71 changes: 71 additions & 0 deletions mutt-with-gmail-gpg-macosx.md
    View file
    Original file line number Diff line number Diff line change
    @@ -0,0 +1,71 @@
    # Mutt with Gmail and GPG on Mac OS X

    This note describes how to set up the [Mutt](http://www.mutt.org/) email client on Mac OS X to work for Gmail and GnuPG.

    ## Software versions
    The software versions used in this note are:

    - macOS Catalina (version 10.15.4)
    - Mutt 1.13.5 (installed with `brew install mutt`)
    - gpg (GnuPG) 2.2.20, libcrypt 1.8.5 (installed with `brew install gnupg`)

    ## Configure Gmail
    Sign in with the Google/Gmail account, and follow the instructions provided in Google support page [Sign in using App Passwords](gpg (GnuPG) 2.2.20 to obtain an app password dedicated for Mutt). You will need to first engable "2-step authentication" for your Google account if it has not been done. Select the app and devices as "Mail" and "Mac", respectively. Write down the generated app password for Mutt configuration later.

    ## Configure Mutt

    1. Create directoy `.mutt` in your home directory, and the following files in `~/.mutt/`: `muttrc`, `gpg.rc`, `app-password.gpg`.
    2. GPG encrypt the app password setting, and save the encrypted text in file `~/.mutt/app-password.gpg`, as follows
    ```bash
    gpg --recipient <username>@gmail.com --encrypt --armor > app-password.gpg
    ```
    In console window, manually enter the following information (`^D` is the key combination `Ctrl-d`)

    ```bash
    set imap_pass = <app password>
    set smtp_pass = <app password>
    ^D
    ```
    3. Configure GPG setting. Add the following content in `~/.mutt/gpg.rc`

    ```text
    # MUTT GPG configuration
    # Use GPGME
    set crypt_use_gpgme = yes
    # Don't sign, so I'm not legally liable to what I say in encrypted email
    set crypt_autosign = no
    # Encrypt replies to PGP emails by default
    set crypt_replyencrypt = yes
    # Timeout
    set pgp_timeout = 1800
    ```
    4. Configure Mutt's main configuration file. Add the following content to `~/.mutt/muttrc`
    ```text
    # Load configurations
    source ~/.mutt/gpg.rc
    # Load gpg encrypted IMAP and SMTP app passwords
    source "gpg --decrypt ~/.mutt/app-password.gpg |"
    set realname = "Ning Shang"
    set from = <username>@gmail.com
    set use_from = yes
    set envelope_from = yes
    set folder = "imaps://imap.gmail.com:993"
    set smtp_url = "smtps://<username>@smtp.gmail.com:465/
    set smtp_authenticators = 'gssapi:login'
    set imap_user = <username>@gmail.com
    set spoolfile = "+INBOX"
    set trash = "+Trash"
    set ssl_force_tls = yes
    # G to get mail
    bind index G imap-fetch-mail
    set editor = "vim"
    set charset = "utf-8"
    set record = ''
    ```