fedaykin / Phoneme

PGPify your gmail.

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Phoneme

A (very) simple script to encrypt all existing email in a gmail account with your gpg keys. The intent is that Phoneme is simple enough that even a layperson ought to be able to tell that there's nothing suspicious going on with the code and it does what it says on the tin.

Phoneme goes through your email, encrypts it with your public key as the recipient, **DELETES THE PLAINTEXT UNENCRYPTED ORIGINAL** and sends it via gmail smtp back to your account. 

Phoneme goes through all your folders but only hits messages without "BEGIN PGP MESSAGE" in the body, so running it continuously will not result in constant resending of existing encrypted messages, and it also won't re-encrypt already encrypted messages from your peers that are using PGP to contact you.

Why:

If you don't have time to setup and run your own mail infrastructure, but you still value your privacy. 

For the record I both like and trust Google, this is not intended as an attack on them.

Requires:

1) Setup GPG with your public key imported so you can encrypt to yourself.
2) python gnupg (pip install gnupg)
3) A gmail account, if you have two factor auth enabled you will need an application specific password for your gmail account.

Usage:

Run python crypt_gmail.py
Enter username
Enter password

You will see a report for each mail that is encrypted

See Also:

Mailvelope, allows you to view  your PGP encrypted messages via the traditional gmail web interface without messing around with a client side enigmail setup, using both Phoneme and Mailvelope it's possible to run a fully encrypted webmail service using gmail's infrastructure for storage / sending etc.

http://www.mailvelope.com/

Android privacy guard, allows you to view your encrypted messages on yor phone;

http://www.thialfihar.org/projects/apg/

TODO:

The code to delete the messages once they've been fetched and resent is in there, and status returns from the gmail server indicate that it is working, however on the web interface the messages in question appear to still be there. Fix this.

Gotchas:

All encrypted messages will show as being from "me", if you use your from addresses to sort your messages, this is probably not for you. That said, the full original content including headers exists within the new encrypted message body, so for archival purposes, you don't lose any information.

If you have an enormous gmail inbox, you will likely quickly exceed your maximum mails sent per day.

Does not encrypt the subjects of each message.

License:

http://www.apache.org/licenses/LICENSE-2.0.html

Author: 

Eric Bennett <eric@umbralservices.com>
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xF0B9534AC9A175B1

About

PGPify your gmail.