Encrypt unencrypted local mail

Do you hesitate to store your mail somewhere else than in your own computer(s)? I use two imap accounts that are not really safe, gmail and the imap server of my employer. However, it would be nice to use these as backups or mirrors, for the imap server I administer myself. If all my mail, or at least all my private mail, were GPG-encrypted that would not impose a privacy concern. However, few if any of the mails I receive are encrypted with my public key. While I can encrypt incoming mails, I had already received quite some amount of mails before I implemented that mechanism, and to batch-encrypt those mails are what I will tell you about in this note.

The same encrypt.sh script that was used in "Encrypt your incoming mails!" can be reused to encrypt mail in files with this little helper script:

#!/bin/bash

# Usage: throw a name of a mail-file (a mail-file is a mbox-file with only one
# mail, or a file from a Maildir) at this script, and it will send
# that file to encrypt.sh and save the output in a temporary file and
# then overwrite the original file with this temporary file.

# To batch-encrypt all mail (files with a "," in their name) in Maildir use
# find Maildir -iname "*,*" -exec encrypt-file.sh '{}' \;

DEBUG=1

TMPFILE=`mktemp` || exit 1
if [[ $DEBUG -eq 1 ]] ; then
    echo "TMPFILE=`mktemp` || exit 1"
    echo "will use $TMPFILE as tempfile"
fi

cat $1 | encrypt.sh > $TMPFILE
if [[ $DEBUG -eq 1 ]] ; then
    echo "cat $1 | encrypt.sh > $TMPFILE"
    echo "$TMPFILE now holds an encrypted version of $1"
fi

mv $TMPFILE $1
if [[ $DEBUG -eq 1 ]] ; then
    echo "mv $TMPFILE $1"
    echo "$1 replaced with $TMPFILE"
fi

As stated in the inline comments, find can help to automate the encryption:

find Maildir -iname "*,*" -exec encrypt-file.sh '{}' \;

If you want to exclude some dirs, e.g. dirs with contents from public mailing-lists, find has a lot of ways to specify exactly which files to include.

Rather than encrypting all your precious mail at once, you could easily create a test-dir, called ".test", put a few mails there and run this:

find Maildir/.test -iname "*,*" -exec encrypt-file.sh '{}' \;

Then verify that the mails in .test turned out like you wanted them before you encrypt the rest.

comments powered by Disqus

Back to the index

Blog roll

R-bloggers, Debian Weekly
Valid XHTML 1.0 Strict [Valid RSS] Valid CSS! Emacs Muse Last modified: oktober 17, 2019