[Users] New Windows Users: S/MIME

Andrej Kacian ticho at claws-mail.org
Wed Jan 30 10:28:38 CET 2019

On Tue, 29 Jan 2019 17:51:23 -0600
Luke Robison <lukerobison at gmail.com> wrote:

> Now back to claws, I'm unsure if I should give claws the GPG path to
> either gpgsm.exe or gpg.exe, but neither one has much effect.
> Nothing has changed that I can see for encrypted or signed messages.
> No error messages about bad or missing certificates.  I've selected
> S/MIME as my preferred encryption.

You shouldn't need to do this, all GPG "engines" should be
autodetected, with correct paths to relevant programs set up. GPG has a
mechanism (gpgconf.exe) for just that. Look for entries like this in
the debug log, during startup:

sgpgme.c:767:GpgME Protocol: CMS
Version: 2.0.30 (req 2.0.4)
Executable: C:\Program Files (x86)\GNU\GnuPG\gpgsm.exe

Leave the GPG path in Claws Mail preferences empty, it is there for
people who are using custom GPG installations, and as far as I know,
should only be used to specify the program for PGP handling (gpg or
gpg.exe), not for S/MIME handling.

> Trying to send mail does give errors.  Simply trying to send a signed
> message gives a "Secret key not found" error, so I suspect what I'm
> running from the command line and what claws is running are two
> different programs.  Running with --debug and checking the
> claws-win32.log file doesn't do much either, see log excerpt below
> Any suggestions?

Yes, in Claws Mail account preferences, you need to select S/MIME as
your privacy system. The log excerpt below shows that you have PGPMIME
or PGPInline set, because it is trying to use the OpenPGP protocol.

Now, I haven't tried using S/MIME on Windows Claws Mail in a while
(and the gpg4win installer I just downloaded from their site does not
even want to unpack to start installing for some reason, go figure), but
I remember it worked just fine if you have the certificate matching the
e-mail address you are using, the secret key that goes with the
certificate, and the issuer certificate.

If gpgsm.exe can see these and Claws Mail can find gpg programs (see
above), signing and encrypting messages should work.

> Luke
> procmime.c:2593:procmime_write_mimeinfo
> sgpgme.c:590:sgpgme_setup_signers: OpenPGP protocol
> sgpgme.c:600:using key for myemail at company.com
> warning: setup_signers start: End of filealertpanel.c:253:Creating
> alert panel dialog...
> alertpanel.c:211:called inc_lock (lock count 2)
> alertpanel.c:221:called inc_unlock (lock count 1)
> compose.c:5407:called inc_unlock (lock count 0)


More information about the Users mailing list