It's the end of 2019 and there still is no decent, usable, #PGP-enabled e-mail client that I could roll out to regular, non-tech-savvy users without feeling bad.

10 years ago that would have been #KMail. But KMail shot itself in the foot, knee, and hip with Akonadi.

#Thunderbird is... Thunderbird.
#Mailpile doesn't do writes to IMAP, so you either use *only* it, or not use it at all.

#Kube just crashed on me because I tried to reply to a signed e-mail.

Anybody any other suggestions?

@rysiek I can't help feeling defeatist about email security given that it seems like a more viable option to store local maildir as an encrypted loopback file and then create a local MTA proxy that just buffers up outbound and inbound mail until you unlock your gpg-agent and then uses it to attempt to transparently encrypt and decrypt and use whatever MUA on unencrypted local maildir :/

@grimmware you're *almost* describing kuvert. That's how our infrastructure sends signed and often encrypted e-mails from our services:
snafu.priv.at/mystuff/kuvert/

Fun fact, the "mustencrypt" option was added after we explicitly asked for it. 👍

I should really blog about how we use kuvert to encrypt outgoing automatic mail from our infrastructure; and how we use Schleuder3, offlineimap, and opensmtpd to have encrypted e-mail groups.

Before I do this, here's some stuff I dockerized for this:
github.com/occrp/kuvert
0xacab.org/schleuder/schleuder
git.occrp.org/libre/schlocker-
git.occrp.org/libre/docker-ope
github.com/occrp/docker-offlin

@rysiek I used offlineimap for quite some time but found that it could sometimes get wedged due to intermittent connectivity so I switched to mbsync.

My use case was being able to do maildir-based email over a cell connection though... I wrote a daemon in golang to handle it all (testing for connectivity, fetching mail, flushing my msmtp mail queue) because apparently I like overcomplicating my life for the sake of the 3 minutes a year where I want to read my mail on my laptop on the tube.

@rysiek holy fucking shit the amount of my life that I've dedicated to my mail setup it makes no sense.

@kensanata @grimmware @rysiek no doubt a big portion of that is connected to the spam fight, & the collateral damage from incompetent admins using w/reckless disregard.

@resist1984 @kensanata @rysiek Oh good lord I stopped even trying to maintain my own MX ages ago because of all this nonsense (more power to everyone who stuck it out!) - I've managed to waste most of my time client-side - offline outbound queue, IMAP->maildir syncing, and PGP hygiene (which I've also sacked off).

Ever get the feeling that you're keeping a very old federated service limping along?

@grimmware @rysiek @kensanata I took the hard-ass approach b/c I felt that by complying with corporate greed and control I then become a supporter of it. Refusing to be part of the problem means running my own MX & refusing to correspond w/ @gmail and @outlook users. I've become a heavy fax user as a result. Fax is much more reliable than email.

@resist1984 @grimmware @kensanata

"Fax is much more reliable than email."

...words seldom uttered. But I get your point.

@rysiek
Just noticed your original post. A good option for lowtech users used to be since non-HM users could do all the key management. Now that HM has a cost that I usually can't impose on others, I often pimp (& thus ). It's worse than HM but it's a sad state of affairs these days. Anything else becomes too challenging for normies.

@grimmware @kensanata

Hushmail? I’ll just leave this here: https://en.m.wikipedia.org/wiki/Hushmail#Compromises_to_email_privacy

ProtonMail has a nice approach to PGP where they actually follow OpenPGP standards (e.g. beta.protonmail.com uses WKD to fetch keys). Unfortunately the same doesn’t apply to SMTP/IMAP and the pricing structure is not really friendly to people with custom domains.

@wiktor @rysiek the steroid bust is well known, & what most ppl fail to realize is that has the same vulnerability. PM will cooperate with demands from relevant courts. Also, Swiss law has changed in the past couple yrs such that LEAs can compel subpoenas.

@rysiek @wiktor both HM and PM /can/ be used w/out the live j/s that enabled the steroid investigation.. they both have that option but most users don't bother to take advantage of it.

@wiktor @rysiek has foolishly given up the one advantage it had over : that non-users could interact with the keyring so dumb users need not bother. Both HM & PM impose key management burdens on low-tech users now.

@rysiek @wiktor so indeed there really is no reason to use now.. but the steroid bust is an irrelevant distraction.
