Start using Mutt: a setup with GPG, mbsync, msmtp and notmuch
This is a blog post documenting how I set up Mutt with GPG (to store encrypted passwords), mbsync, msmtp and notmuch on GNU/Linux. I will write up another blog post about setting up Mutt with GPG to encrypt and sign emails.
Table of contents:
- Set up Mutt
- Store your password in an encrypted file with GPG
- Set up mbsync to download and store emails locally
- Set up msmtp to send emails
- Set up notmuch to index and query your email database
Set up Mutt
$ sudo apt install mutt
or download Mutt using the package manager of the distribution you use.
Now find Mutt’s configuration file i.e.
muttrc. Mine was in
~/.config/mutt/ (I think), but I moved it to
~/.muttrc for easy access.
Now we will write up Mutt’s configuration file. I will post a somehow reduced configuration to get started with. I am assuming you want to get Mutt to work so you can use asap - and then later personalise your configuration file. If you want, you can check out my actual
So, this is a Mutt configuration file you should be able to start with:
# Char encoding set send_charset="utf-8" set assumed_charset="iso-8859-1" # Account settings set from = your_email_address set realname = 'First_name last_name' # Storage settings set mbox_type = Maildir # type of mailbox format to use; well explained in the manual of Mutt set folder = "~/Mail/name_of_account/" # folders from which to retrieve emails # msmtp settings set sendmail = "msmtp -a name_of_account" # cache settings (optional) set header_cache = "~/Mail/name_of_account/" # optional - speeds up opening large folders set message_cachedir = "~/Mail/name_of_account/" # optional - speeds up loading messages # mailbox settings set spoolfile=+INBOX set postponed = +Drafts set record = +Sent set trash = +Trash # tells mutt to store deleted message to folder Trash
name_of_account is arbitrary. It can be
Store your password in an encrypted file
Before we move on and set up mbsync we will store the password of your email account in an encrypted file. You do not want to store passwords plain text in your configuration files which you might share in the future. To encrypt your files, you need GnuPG (or GPG) and your own encryption key pair1
If you don’t have GPG key pair, run2
$ sudo apt install gpg # download GnuPG $ gpg --full-generate-key # start the dialogue interface to generate a key pair
Now you have GPG installed and a GPG key pair on your computer. You will use GPG and your GPG key pair to create and store the password of your email account in an encrypted file.
First create a plain text file containing the password of your email account3
$ cat > path/to/mutt/config/directory/email_password.txt << EOF > type_your_password > EOF
gpg the unencrypted text file you’ve just created for
gpg to create an encrypted copy of that file i.e. a file ending with
$ gpg -r your_gpg_id -e path/to/mutt/config/directory/email_password.txt
your_gpg_id is the name or the email address you used when you generated a GPG key pair.
Check that the file was created, run:
$ file email_password.gpg
which should return something like:
email_password.gpg: PGP RSA encrypted session key - keyid: ... RSA (Encrypt or Sign) 3072b
which tells you that the file is encrypted.
Now you can delete the file where your password is stored in plain text:
$ shred email_password.txt $ rm -i email_password.txt
That is it! You now have an encrypted file containing your password. You can instruct configuration files to retrieve your password from
email_password.gpg instead of having your password scattered around in plain text. That is what we will do below as we set up mbsync and msmtp.
Set up mbsync to download and store emails locally
We download mbsync:
$ sudo apt install mbsync
I am still learning and fiddling with mbsync, but that’s my current configuration. Look for
~/.mbsync on your computer and edit it with this configuration:
SyncState * Sync Pull All Push All # not sure IMAPAccount name_of_account Host incoming_server_address_of_the_email_provider_you_use Port 993 # maybe - check the documentation of your email provider User your_email_address PassCmd "gpg -dq $HOME/.config/mutt/email_password.gpg" # see explanation in the previous section SSLType IMAPS # or something else - check the documentation of your email provider and the manpage of mbsync AuthMechs PLAIN # or something else - check the documentation of your email provider and the manpage of mbsync IMAPStore name_of_account-remote Account name_of_account MaildirStore name_of_account-local SubFolders Verbatim Inbox ~/Mail/name_of_account/INBOX Path ~/Mail/name_of_account/ # the trailing "/" matters Flatten . # useful with Mutt according to mbsync manpage Channel name_of_account Master :name_of_account-remote: Slave :name_of_account-local: # Patterns * Create Both Expunge Both
Now you should be able to download your emails. To do so run:
$ mbsync - a
The terminal should print something like this:
C: 1/1 B: 1/1 M: +0/0 *13/13 #0/0 S: +1/1 *0/0 #0/0
or an error message. If so, troubleshoot. Email me if you have problems.
If mbsync does not complain, open Mutt:
You should see your messages. You can’t send email though - yet. We will take care of that now.
Set up msmtp to send emails
$ sudo apt install msmtp
The configuration file should be
~/.msmtprc. Mine looks like this below - comments are from another configuration file I used4.
# Set default values for all following accounts. defaults # Authentication must be used for sending # Each account will use a different method auth on # Always us TLS tls on # Set a list of trusted CAs for TLS. The default is to use system settings, but # you can select your own file. tls_trust_file /etc/ssl/certs/ca-certificates.crt # This is the log file - comment it out to stop it collecting logfile ~/.msmtp/log/msmtp.log account name_of_account host mail.email_provider.net # URL of outgoing (SMTP) server name of your email provider port 587 # maybe - check the documentation of your email provider from your_email_address user your_email_address passwordeval "gpg --quiet --for-your-eyes-only --no-tty --decrypt ~/.config/mutt/email_password.gpg"
To check whether your configuration of msmtp works, try sending an email from the command line:
$ echo "I am sending this email from the command line" | msmtp -a name_of_acccount -- email_address_of_the_recipient
name_of_acccount is the exact same as the one used in the configuration files.
If sending an email from the command line with msmtp fails, read the output message and troubleshoot. If the recepient received the email, try sending an email from within Mutt.
At this point you should have a Mutt setup with mbsync and msmtp with which you can download, browse and send emails.
Set up notmuch to index and query your email database
Mutt can search for emails. However I find it easier to use the programme notmuch5.
The configuration of notmuch with Mutt is easy. notmuch has a script which does the job for you6.
To download notmuch run7:
$ sudo apt notmuch notmuch-mutt
To start the dialogue interface to set up notmuch run8:
$ notmuch setup
Answer the questions9.
And then run:
$ notmuch new
to index your emails.
Now open mutt i.e.
$ mutt and type
f810. Your terminal should print this:
search ('?' for man):
Type a search term or checkout the manual of notmuch by pressing
Don’t forget to run
$ notmuch new to incorporate new emails into the database11.
You are done. You should have Mutt setup with mbsync, msmtp and notmuch - and your password encrypted with GPG. Let me know if you have any issue, feedback or questions.
Use the manpages and help menu of Mutt, mbsync, msmtp and notmuch to figure things out. Everything is in there. If you are stuck in Mutt and don’t know how to do something, press
?. Mutt will display all the keybindings.
When I first started, I was wondering how to undelete message, create aliases and tell Mutt I want to use Vim for text editing. You might also want to setup more convenient keybindings or change colors. Take a look at my current Mutt configuration file to get some ideas of what you can do.
I got the above done thanks to:
- the manual of Mutt
- the manual of GnuPG
- and the man pages and help menu of mutt, gpg, mbsync, msmtp and notmuch.
- Remove “Save in password manager” option in GPG pinentry
- Stop Mutt or mbsync or msmtp from asking your password each time you want to sync or send an email (email me - I will publish a post)
- Set up GPG with Mutt to encrypt and sign emails (to be published)
I suspect skipping
notmuch-muttalso downloads the script. I have not tried though.↩︎
You can see the configuration file notmuch generated by running
$ less ~/.notmuch-config.↩︎
The man page of notmuch-mutt stipulates that macros should be added the configuration of Mutt. Three macros, including
f8, already exist in
The manual of notmuch stipulates that a cron job or a hook could be used to automate. I might do that in the future.↩︎
I do self-funded research and I'm writing a book.
> What's the book about?
About technologies and epistemology.
Meaning, technologies can foster agency. No doubt. But I am also asking:
Can technologies make us blind?
I posted a summary of the prologue on the homepage: https://yctct.com/