Configuring Enigmail to forget passphrase on idle

[Talkhead]

Hey!

I'm having some trouble with Enigmail and Thunderbird 17.0.8 on Xubuntu 13.04. Whenever I click on an encrypted email I get a prompt for my secret key password. But this seems to only happen once per my linux session. Every other email gets decrypted automatically, and I will not get prompted again for my passphrase for as long as the computer is running. I'd like to set it up so that the passphrase is forgotten after like 5 minutes since it was last needed. I tried, but failed miserably. I need some help, please.

Each time I edit the enigmail GPG settings I get this warning:

Your system uses gpg-agent or a similar tool for passphrase handling (gpg-agent is mandatory if GnuPG v2.0 or later is used). Since caching of passphrases is handled by gpg-agent, the respective timeout settings in OpenPGP are disregarded. In order to change passphrase caching options, please configure your gpg-agent tool.

Good, my system seems to be using gpg-agent for passphrase handling. How do we configure it? I read some docs and created a "gpg-agent.conf" file in my ~/.gnupg/ folder, and put this inside:

pinentry-program /usr/bin/pinentry-gtk-2
default-cache-ttl 300
max-cache-ttl 3600

But this doesn't seem to be working. Thunderbird still remembers the passphrase and decrypts the email even 12 hours after I kill the gpg-agent and close Thunderbird. Only a reboot works. Where the heck does it cache the passphrase? And why won't it forget it as it's supposed to???

Here are the only active options in my gpg.conf (I removed all comments):

no-greeting
keyserver hkp://keys.gnupg.net
use-agent

[Patrick Brunschwig]

You might be using a different tool doing the same as gpg-agent, such as seahorse-agent. Enigmail can't know this, as this is something GnuPG would know. In this case, the agent configuration might be elsewhere, e.g. somewhere like Ubuntu keyring settings.

[Talkhead]

Hey, you're right! I just killed the gnome keyring, and Thunderbird was now asking me for passphrases like crazy! Is there a way to switch to gpg-agent? Should I?

[Patrick Brunschwig]

I'd assume that yes. You'd need to uninstall seahorse and install gpg2 (or gpg-agent).

But I'd assume that it might be easier (and closer to XUbuntu standards) to find out how to configure seahorse / seahorse-agent.

[Talkhead]

I don't use seahorse, it's not even installed on my system. As I said, Thunderbird seems to use gnome-keyring to cache the keys. Both gpg2 and gpg-agent are already installed and gpg-agent is aready running and configured to run on startup.

EDIT: Okay, I disabled gnome-keyring-daemon by unticking the "Launch GNOME services on startup" tickbox in the XFCE settings/session,startup and it seems to be working fine now.