I mailed the mutt-users list with this problem some time ago, but I only
ever got one response, and even that suggested that gpg might be at fault.
I did some more testing, and this is what I found:
If I send a message with mutt 1.2, and sign it with gpg 1.0.4, and if the
message has no quoted printable encoding, then the recipient, also using
1.2 and gpg 1.0.4, can verify the signature.
However, if I send the same message with quoted-printable encoding turned
on, then the recipient CANNOT verify the signature.
In particular, this problem seems to bite me when I have a double-dash
signature in my message, eg:
Message body
Message body
Message body
--<SP> <---- space
Signature
When the above is sent, and pgp_strict_end is set to yes, then the space
after the double dash gets converted into '=20'. When I PGP sign such a
message, it can't be verified. If I turn the pgp_strict_enc variable off,
and resend the same message, the space isn't converted to '=20' and the
recipient can verify the PGP signature correctly. I also tested this
theory with other types of messages which had spaces at the end of the
lines in the body of the message. Again, the PGP sig failed to verify,
if quoted-printable was turned on, but the PGP sig verified correctly
if I turned off the quoted printable encoding.
For now, I have turned off the pgp_strict_enc variable in my muttrc,
but it's only a work-around. There has to be a proper solution.
I really think mutt is doing something wrong here. Has anyone else
encountered this problem, or am I doing something wrong?
--
Anand
