Can't send encrypted email in Thunderbird

  • Brian Rohan

    Brian Rohan - 2013-05-16

    I installed Thunderbird and Enigmail about 2 months ago. I tested the install and encrytpion with and all worked well. Since then I have merely been signing my emails as I do not yet have others who use GPG. All has been well, when I send a message it asks for my passphrase. Today I tried to send an encrypted email to adele-en just to make sure it works well, and alas it does not. When I hit the send key on a plain text email A dialog box is shown with the key already checked, I select okay and then I receive this error message:

    USERID_HINT BE7228BBF0559C39 Brian J. Rohan (Pacific Northest USA)
    NEED_PASSPHRASE BE7228BBF0559C39 9B10F996AB5AA155 1 0
    INV_RECP 0 74B9151E2DFEBDD6

    I am not prompted for my passphrase as I would be if I were merely signing the email. Any suggestions would be appreciated. I am running Ubuntu 13.04, Thunderbird 17.0.6, enigmail 1.4.6, and gnupg2

    • Patrick Brunschwig

      You're not prompted for your passphrase because GnuPG already got it (I
      assume gpg-agent already has it in memory).

      You're trying to encrypt your message to the key 74B9151E2DFEBDD6 (which
      is equal to 0x2DFEBDD6). However, GnuPG cannot use that key. It might
      not be in your keyring, or it is expired, disabled, invalid or similar.

      I cannot tell you much more as I cannot find that key on the key servers.

      • Ludwig Hügelschäfer

        0x2DFEBDD6 is your own revoked key. As it is revoked, gnupg will not encrypt to this key, complaining with "INV_RECP".

        Somehow you did specify this key as a recipient. Please check your settings!

        Last edit: Ludwig Hügelschäfer 2013-05-17
        • Brian Rohan

          Brian Rohan - 2013-05-17

          Thanks Ludwig, I now see how the key lines up with the error message. I removed the revoked key from my ring in GPG, however I am not seeing where in Enigmail on in GPG that I can get it to stop referencing the bad key for signatures, and use the valid one. Any suggestions?

  • Ludwig Hügelschäfer

    Hi Brian,

    check the following locations:

    1. Thunderbird account settings -> OpenPGP Security
    2. Thunderbird account settings -> Manage identities (bottom right), select each identity, "Edit", then select "OpenPGP Security"
    3. Scan the settings in gpg.conf (location depends on operation system). The use and existence of this file is optional, so maybe you don't have it.



    Last edit: Ludwig Hügelschäfer 2013-05-17
    • Brian Rohan

      Brian Rohan - 2013-05-17

      Thank you very much Ludwig for the patience and reply. Per your previous response I checked all settings in Thunderbird/Enigmail/OpenPGP, and all was correct. Checking my gpg.conf at the bottomw showed that I had a default key that was the revoked key. That led me to going to my application kgpg checking on all of the settings and unchecking the "Always sign with this key" option.

      Thanks again!


Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

JavaScript is required for this form.

No, thanks