[EMAIL PROTECTED] writes:
> I've been trying to get mutt (1.2.5i) working, and have had
> fairly good success until I started fiddling with gpg.
>
> I've got gpg 1.0.3 installed and working -- I can generate detached
> signed/encrypted messages without any trouble from the command line.
> The problem arises when I try to verify a detached signature.
> Sending myself a signed note works fine, and checking my "sent-mail"
> folder shows "gpg: Good signature..." on the email I've sent.
>
> However, when I receive the inbound copy of that email from the
> mailserver (vie fetchmail 5.5.0 and my local MTA, courier) the same
Is there a courier MTA? I have only ever heard of Courier IMAP.
> message shows a bad signature. All pgp signatures (including those
> seen in this forum) register as "bad".
That would point to a more fundamental problem unrelated to mutt.
> I would have thought fetchmail or courier was munging something, but
> the I tried writing the MIME parts (text/plain and pgp/signature) from
> both versions of my test message to files, then checking with gpg.
> Neither one works. Somehow, mutt must be generating a signature for a
> slightly different file than the one I am. Any thoughts?
Set up an external mail bouncer somewhere, send yourself a signed message
via the bouncer, and compare with a local copy. Or have someone else send
you a signed message and then compare with their local copy. My guess is
that some MTA in transit (or even fetchmail or courier) muck with MIME
headers.
I just added your key to my keyring, and indeed, the signature doesn't
check out
[-- PGP output follows (current time: Fri Sep 22 17:56:51 2000) --]
gpg: Signature made Fri Sep 22 16:57:55 2000 IST using DSA key ID 256F2C38
gpg: BAD signature from "Jonathan Anderson <[EMAIL PROTECTED]>"
[-- End of PGP output --]
That would point to some MTA along the line (as mail retrieval programs
such as fetchmail or imapd are not involved when sending mail).
