On Friday, 22 August 2025 17:34:05 British Summer Time zyxhere💠wrote: > On Fri, 2025-08-22 at 21:21 +0500, zyxhere💠wrote: > > Hi I'm new to the mailing list workflow (or emails in general), right > > now I'm using evolution and have somehow been able to configure it (I > > can even encrypt emails with it!!😱😱).Two things I wanted to know are > > what should the wrap line limit be (in evolution the default is 71 but I > > don't know why is it even correct?) and how can I send someone else > > encrypted emails with evoution, I did test it and was able to send > > encrypted/signed emails to myself so now I want to know how can I do the > > same to others. > > > > Do I have to manually get everyones public key and make them trusted? Or > > can evolution somehow get those from a keyserver? I did verify my keys > > with this email address on https://keys.openpgp.org/ (Note that I'm also > > a little new to GPG too). > > > > Will appreciate any help. > > Thanks. > > I setup evolution reading > https://fedoraproject.org/wiki/Using_GPG_with_Evolution > in > https://fedoraproject.org/wiki/Using_GPG_with_Evolution#Verifying_Email_with > _GPG it says : > "Evolution will automatically check any incoming GPG-signed messages for > validity. If Evolution cannot GPG verify a message due to a missing > public key (or tampering), it will end with a red banner. If the message > is verified but you have not signed the key either locally or globally, > the banner will be yellow. If the message is verified and you have > signed the key, the banner will be green." > > My own email is green which makes sense as the key is mine and trusted, > others on this and gentoo-dev lists who have signed their emails are > yellow for me (not red), so evolution is getting the pubkey from > somewhere that I don't know maybe openpgp.org?
You can trust your own key, because you know the identity of the owner of your key - yourself. It does not matter if email messages you receive by senders who have signed (or even signed and encrypted) show up in red colour in your mail client. This is to signify you do not know the owner of the email account and therefore you do not trust them. You can import a sender's public key in your own gpg keyring and then edit their trust level, by choosing any of the gpg trust levels: https://www.gnupg.org/gph/en/manual/x334.html You can check the GnuPG trust models and trust levels in 'man gpg' and use gpg on the CLI, or your desktop GnuPG GUI/keyring should provide a graphical front end to edit the trust of an imported public key.
signature.asc
Description: This is a digitally signed message part.
