I've been wrestling with this for a while, and I'm finally at the point where I think I need help.
I've got a working S/MIME setup with mutt, and everything's great except when it comes to selecting the right key to use when S/MIME kicks in. For example, I have two keys: one for patrick.mor...@hp.com and another for anotheraddr...@somewhereelse.com. When encrypted mail comes in to anotheraddr...@somewhereelse.com, what I'd really like (and what I could swear I've had before) is for mutt to use the key that matches that email, but it doesn't even seem to look at the "To:" address. Instead, I get something more like the following: Enter keyID for pmor...@myhostname.mydomain.com: The above is an example... what I get is the FQDN of my local machine, which does not appear anywhere in the email message itself. Below are my S/MIME config settings, which I'm using on Mutt 1.5.20 (2009-06-14, Gentoo 1.5.20-r4): set smime_is_default set smime_timeout=7200 set smime_ask_cert_label set smime_default_key="cf8014d7.0" # my KeyID unset smime_decrypt_use_default_key set smime_ca_location="/etc/ssl/certs" set smime_certificates="~/.smime/certificates" set smime_keys="~/.smime/keys" set smime_encrypt_with="des3" set smime_pk7out_command="openssl smime -verify -in %f -noverify -pk7out" set smime_get_cert_command="openssl pkcs7 -print_certs -in %f" set smime_get_signer_cert_command="openssl smime -verify -in %f -noverify -signer %c -out /dev/null" set smime_get_cert_email_command="openssl x509 -in %f -noout -email" set smime_import_cert_command="smime_keys add_cert %f" set smime_encrypt_command="openssl smime -encrypt -%a -outform DER -in %f %c" set smime_sign_command="openssl smime -sign -signer %c -inkey %k -passin stdin -in %f -certfile %i -outform DER" set smime_decrypt_command="openssl smime -decrypt -passin stdin -inform DER -in %f -inkey %k -recip %c" set smime_verify_command="openssl smime -verify -inform DER -in %s %C -content %f" set smime_verify_opaque_command="openssl smime -verify -inform DER -in %s %C || openssl smime -verify -inform DER -in %s -noverify 2>/dev/null"
