Start using Mutt: a setup with GPG, mbsync, msmtp and notmuch
This is a blog post documenting how I set up Mutt with GPG (to store encrypted passwords), mbsync, msmtp and notmuch on GNU/Linux. I will write up another blog post about setting up Mutt with GPG to encrypt and sign emails.
Table of contents:
- Set up Mutt
- Store your password in an encrypted file with GPG
- Set up mbsync to download and store emails locally
- Set up msmtp to send emails
- Set up notmuch to index and query your email database
Set up Mutt
Download Mutt:
$ sudo apt install mutt
or download Mutt using the package manager of the distribution you use.
Now find Mutt’s configuration file i.e. muttrc
. Mine was in ~/.config/mutt/
(I think), but I moved it to ~/.muttrc
for easy access.
Now we will write up Mutt’s configuration file. I will post a somehow reduced configuration to get started with. I am assuming you want to get Mutt to work so you can use asap - and then later personalise your configuration file. If you want, you can check out my actual .muttrc
here.
So, this is a Mutt configuration file you should be able to start with:
# Char encoding
set send_charset="utf-8"
set assumed_charset="iso-8859-1"
# Account settings
set from = your_email_address
set realname = 'First_name last_name'
# Storage settings
set mbox_type = Maildir # type of mailbox format to use; well explained in the manual of Mutt
set folder = "~/Mail/name_of_account/" # folders from which to retrieve emails
# msmtp settings
set sendmail = "msmtp -a name_of_account"
# cache settings (optional)
set header_cache = "~/Mail/name_of_account/" # optional - speeds up opening large folders
set message_cachedir = "~/Mail/name_of_account/" # optional - speeds up loading messages
# mailbox settings
set spoolfile=+INBOX
set postponed = +Drafts
set record = +Sent
set trash = +Trash # tells mutt to store deleted message to folder Trash
name_of_account
is arbitrary. It can be email
or your username, for example.
Store your password in an encrypted file
Before we move on and set up mbsync we will store the password of your email account in an encrypted file. You do not want to store passwords plain text in your configuration files which you might share in the future. To encrypt your files, you need GnuPG (or GPG) and your own encryption key pair1
If you don’t have GPG key pair, run2
$ sudo apt install gpg # download GnuPG
$ gpg --full-generate-key # start the dialogue interface to generate a key pair
Now you have GPG installed and a GPG key pair on your computer. You will use GPG and your GPG key pair to create and store the password of your email account in an encrypted file.
First create a plain text file containing the password of your email account3
$ cat > path/to/mutt/config/directory/email_password.txt << EOF
> type_your_password
> EOF
Next feed gpg
the unencrypted text file you’ve just created for gpg
to create an encrypted copy of that file i.e. a file ending with .gpg
.
$ gpg -r your_gpg_id -e path/to/mutt/config/directory/email_password.txt
your_gpg_id
is the name or the email address you used when you generated a GPG key pair.
Check that the file was created, run:
$ file email_password.gpg
which should return something like:
email_password.gpg: PGP RSA encrypted session key - keyid: ... RSA (Encrypt or Sign) 3072b
which tells you that the file is encrypted.
Now you can delete the file where your password is stored in plain text:
$ shred email_password.txt
$ rm -i email_password.txt
That is it! You now have an encrypted file containing your password. You can instruct configuration files to retrieve your password from email_password.gpg
instead of having your password scattered around in plain text. That is what we will do below as we set up mbsync and msmtp.
Set up mbsync to download and store emails locally
We download mbsync:
$ sudo apt install isync
I am still learning and fiddling with mbsync, but that’s my current configuration. Look for ~/.mbsync
on your computer and edit it with this configuration:
SyncState *
Sync Pull All Push All # not sure
IMAPAccount name_of_account
Host incoming_server_address_of_the_email_provider_you_use
Port 993 # maybe - check the documentation of your email provider
User your_email_address
PassCmd "gpg -dq $HOME/.config/mutt/email_password.gpg" # see explanation in the previous section
SSLType IMAPS # or something else - check the documentation of your email provider and the manpage of mbsync
AuthMechs PLAIN # or something else - check the documentation of your email provider and the manpage of mbsync
IMAPStore name_of_account-remote
Account name_of_account
MaildirStore name_of_account-local
SubFolders Verbatim
Inbox ~/Mail/name_of_account/INBOX
Path ~/Mail/name_of_account/ # the trailing "/" matters
Flatten . # useful with Mutt according to mbsync manpage
Channel name_of_account
Master :name_of_account-remote:
Slave :name_of_account-local:
# Patterns *
Create Both
Expunge Both
Now you should be able to download your emails. To do so run:
$ mbsync - a
The terminal should print something like this:
C: 1/1 B: 1/1 M: +0/0 *13/13 #0/0 S: +1/1 *0/0 #0/0
or an error message. If so, troubleshoot. Email me if you have problems.
If mbsync does not complain, open Mutt:
$ mutt
You should see your messages. You can’t send email though - yet. We will take care of that now.
Set up msmtp to send emails
Download msmtp:
$ sudo apt install msmtp
The configuration file should be ~/.msmtprc
. Mine looks like this below - comments are from another configuration file I used4.
# Set default values for all following accounts.
defaults
# Authentication must be used for sending
# Each account will use a different method
auth on
# Always us TLS
tls on
# Set a list of trusted CAs for TLS. The default is to use system settings, but
# you can select your own file.
tls_trust_file /etc/ssl/certs/ca-certificates.crt
# This is the log file - comment it out to stop it collecting
logfile ~/.msmtp/log/msmtp.log
account name_of_account
host mail.email_provider.net # URL of outgoing (SMTP) server name of your email provider
port 587 # maybe - check the documentation of your email provider
from your_email_address
user your_email_address
passwordeval "gpg --quiet --for-your-eyes-only --no-tty --decrypt ~/.config/mutt/email_password.gpg"
To check whether your configuration of msmtp works, try sending an email from the command line:
$ echo "I am sending this email from the command line" | msmtp -a name_of_acccount -- email_address_of_the_recipient
name_of_acccount
is the exact same as the one used in the configuration files.
If sending an email from the command line with msmtp fails, read the output message and troubleshoot. If the recepient received the email, try sending an email from within Mutt.
At this point you should have a Mutt setup with mbsync and msmtp with which you can download, browse and send emails.
Set up notmuch to index and query your email database
Mutt can search for emails. However I find it easier to use the programme notmuch5.
The configuration of notmuch with Mutt is easy. notmuch has a script which does the job for you6.
To download notmuch run7:
$ sudo apt notmuch notmuch-mutt
To start the dialogue interface to set up notmuch run8:
$ notmuch setup
Answer the questions9.
And then run:
$ notmuch new
to index your emails.
Now open mutt i.e. $ mutt
and type f8
10. Your terminal should print this:
search ('?' for man):
Type a search term or checkout the manual of notmuch by pressing ?
.
Don’t forget to run $ notmuch new
to incorporate new emails into the database11.
You are done. You should have Mutt setup with mbsync, msmtp and notmuch - and your password encrypted with GPG. Let me know if you have any issue, feedback or questions.
What’s next?
Use the manpages and help menu of Mutt, mbsync, msmtp and notmuch to figure things out. Everything is in there. If you are stuck in Mutt and don’t know how to do something, press ?
. Mutt will display all the keybindings.
When I first started, I was wondering how to undelete message, create aliases and tell Mutt I want to use Vim for text editing. You might also want to setup more convenient keybindings or change colors. Take a look at my current Mutt configuration file to get some ideas of what you can do.
Sources
I got the above done thanks to:
- https://blog.flaport.net/configuring-neomutt-for-email.html
- https://sandyuraz.com/blogs/using_mutt/
- https://futurile.net/resources/msmtp-a-simple-mail-transfer-agent/
- https://notmuchmail.org/
- the manual of Mutt
- the manual of GnuPG
- and the man pages and help menu of mutt, gpg, mbsync, msmtp and notmuch.
See also:
- Remove “Save in password manager” option in GPG pinentry
- Stop Mutt or mbsync or msmtp from asking your password each time you want to sync or send an email (email me - I will publish a post)
- Set up GPG with Mutt to encrypt and sign emails (to be published)
to learn about encryption keys read https://www.gnupg.org/gph/en/manual/c173.html and https://www.gnupg.org/gph/en/manual/c14.html)↩︎
You might want to store your private key offline and create another subkey to encrypt emails, but that is another project. If you want to do so I’d suggest reading https://wiki.debian.org/Subkeys.↩︎
To learn more about the syntax used here, read https://yctct.com/add-multiple-lines↩︎
https://futurile.net/resources/msmtp-a-simple-mail-transfer-agent/↩︎
I suspect skipping
notmuch-mutt
also downloads the script. I have not tried though.↩︎https://upsilon.cc/~zack/blog/posts/2011/01/how_to_use_Notmuch_with_Mutt/↩︎
You can see the configuration file notmuch generated by running
$ less ~/.notmuch-config
.↩︎The man page of notmuch-mutt stipulates that macros should be added the configuration of Mutt. Three macros, including
f8
, already exist in/etc/Muttrc.d/notmuch-mutt.rc
.↩︎The manual of notmuch stipulates that a cron job or a hook could be used to automate. I might do that in the future.↩︎
personal computing command-line interface (cli) gnu linux trisquel shell literacy office applications wiki mutt mbsync msmtp notmuch start using gpg