Topal: GPG/GnuPG and Alpine/Pine integration

Copyright (C) 2001–2011 Phillip J. Brooke

Topal is a `glue' program that links GnuPG and Pine/Alpine. It offers facilities to encrypt, decrypt, sign and verify emails.

Features

• Multiple inline PGP blocks can be processed in display filters.
• Decryption and verification output can be cached to reduce the number of times a passphrase is entered. This also helps when secret keys aren't always available, at the expense of storing decrypted output.
• MIME/OpenPGP (RFC2015/RFC3156) multipart messages can be sent and received. Depending on configuration, this might involve procmail or patching Alpine.
• The deprecated application/pgp content-type can be sent and received.
• S/MIME messages can be sent and received if gpgsm is available. (openssl is also used in some circumstances, but gpgsm is still required.)
• Topal can be used as Alpine's sendmail-path command.
• Topal has a remote sending mode (a server and a means of accessing the server) for reading email on a distant computer via SSH with secret keys on the local computer.
• A range of mechanisms for selecting keys for both self and recipients.
• There is a high level of configurability (although the configuration interface does not expose all of it; you'll have to edit .topal/config).

See the included documentation for all the stuff like licensing, recent changes and instructions.

Release 74

The current release of Topal is 74. Send email to pjb@lothlann.freeserve.co.uk if you would like to be notified of new Topal releases by email.

Files for download

• The source code package (344 kB, release 74) and a detached signature.
  Full documentation is included in the tarball.
• Documentation (PDF, 192 kB).
• GNU Public Licence version 3.
• Some features (sending of any content-type except text/plain) require a patch to Pine.

Most recent changes

29/4/2011; release 73

Fix crash when sending attachments with spaces in filenames.
Add new switch, wait-if-missing-keys, which requires the user to acknowledge if keys are missing when defaulting to encryption.
Slightly reorganise configuration menu to keep it within 24 lines.
Update documentation re: crashes related to the second patch and mailcap files.
Topal makes greater efforts to check that external commands exist before running them.
Exception messages are repeated via Ada's exception handling (if Topal panics).
Added decrypt-prereq option. See this note.
Experimental S/MIME sending support added.
More use of GnuPG's --status-fd option so that we can determine exit status properly.
Replaced ancient expanding_array package with Ada.Containers.Vectors.
Adding sendmail-path filter mode. This is needed for the S/MIME encrypted and S/MIME sign+encrypted modes. (Otherwise only Topal can read them; neither Outlook nor Thunderbird will cope with an S/MIME part inside multipart/mixed.) This mode also needs pinentry-qt for gpgsm: pinentry-curses doesn't like this environment.
In the sendmail-path filter mode, we no longer need the content-type guessing. We can simply re-use the content-type from the original header.
Added replace-ids option which can replace Message-ID (and also Content-ID) in sendmail-path filter mode.
The sendmail-path mode can also add a token to help spot our cc'd emails. Use something like st=user@domain,token to set a password. This is hashed with some headers for each email and added to an X-Topal-Send-Token header. Topal then has a -cst token mode which adds a X-Topal-Check-Send-Token header with either yes or no for that header.
Investigation suggests that group addresses are handled other than I expect. E.g., Group name:; in the to: field and the actual list of addresses in lcc field will result in the addresses appearing in the bcc field in sendmail-path filter mode.
Rewrite main documentation in LaTeX: the main manual is now topal.pdf. The change log is still in HTML.
Start adding interoperability notes to manual.
Diagnosing issue with clearsigned (both OpenPGP and S/MIME) emails that have passed through an MS Exchange server being corrupted.
Added opaque signing option for S/MIME.
Added attachment-trap boolean option. In -asend mode, this causes Topal to complain if the message body contains the string “attach” but doesn't have any attachments.

23/6/2011; release 74

Oops, wrong year in release 73 date….
Topal needs GNAT's -gnat05 switch.
Documentation update:

• Noted the need for GNU's sed (particularly important if you're using Mac OS X).
• Noted that gpg-agent needs HUPing if trustlist.txt is updated.

Added include-send-token switch, where 1 never includes them, 2 asks and 3 always includes them.
Warnings about configuration errors now go to stderr, rather than messing up other processing output.
Heuristic for attachment trap is improved. This now copes with the case where the email comprises a single multipart/mixed MIME part.
Some comparisons for content-types are case-insensitive now.

Last generated: Thu Jun 23 21:55:26 BST 2011