"GnuPG is a complete and free replacement for PGP. Because it does not use
the patented IDEA algorithm, it can be used without any restrictions. GnuPG is a
RFC2440 (OpenPGP) compliant application.
PGP, on which OpenPGP is based, was originally developed by Philip Zimmermann; see his page for background information on PGP.
The German Federal Ministry of Economics and Technology granted funds for the further development of GnuPG." from the GnuPG homepage, http://www.gnupg.org/.
GPGOE is an Outlook Express plug-in for GnuPG created by Timo Schulz. It allows the use of GnuPG within outlook express for both signing, and encrypting/decrypting of email communications. Currently, GPGOE requires an installed and working copy of the Win32(r) version of GnuPG prior to use. Brief instructions will be included here, but should any problems arise with this part of configuring your system, please refer to the GnuPG website. GPGOE is still in the early stages of development, but is perfectly usable in it's current form. Please submit any bug's you find to the author. Please email myself if you find any problems with this document, or if you feel something is missing. I will be happy to help out as much as I can should you experience any difficulties.
Firstly, download the latest GnuPG Win32(r) package from here. Unzip this package to a suitable place, and move the gpg.exe binary to a permanent home (c:\program files\gpg for example). Create a directory to store your keyring data in, at c:\gpg. This directory can be moved elsewhere, the process for which will be discussed later. Follow the instructions at gnupg.org to generate yourself a public private keypair.
Download the latest package available from here first. Unzip the package to a temporary location, and copy gpgoe.dll and initgpgoe.exe to somewhere suitable (c:\program files\gpg again perhaps). Now you need to configure your environment so that the plug-in will know where to find both the gpg executable, and your keypair/keyring's. Timo has provided a .reg file to ease this process. Edit the file, inputting the full paths (I recommend using DOS style naming [progra~1, mydocu~1 for example] in this file). The gpgProgram should point to the fully-qualified location of the gpg.exe binary ("c:/progra~1/gpg/gpg.exe" in my case). The HomeDir variable should point to the directory in which your personal data is stored. When this is done, double click the file to load the values into the registry.
To use the GPGOE plug-in, you must load the initgpgoe.exe program. This will register the DLL, and produce an icon in your system tray to show that GPGOE is currently active. To de-activate the plug-in, double click on the system tray icon - you will then be prompted to confirm that you would like to disable the GPGOE plug-in.
Usage of GnuPG within Outlook Express is done using the S/MIME buttons which you should add to your toolbar. These are standard OE buttons, which would originally interface with Outlook Express's own secure mail (digital certificate) system. If you do not see these buttons when composing an email, you should right click on the toolbar, and select customize. You will be presented with a list of available toolbar options, the ones currently in use of which are down the right hand column. Browse the left hand column until you find the Sign and Encrypt buttons (The icons for which are envelopes with small padlock/seal icons on them [see below]) Highlight the buttons in the left hand column, and press the "Add" button to add them to your toolbar.
You should now see an email composition window something like the following:
Pressing either of the Sign/Encrypt buttons will cause the relevant action to be taken when the email is sent. As of version 0.2.1, you will be prompted to select an ID with which you want to sign the email - this should alleviate problems some people were experiencing when no options file was present in your gpgHomeDir. If you choose to sign the email, you will be presented with a password box. Input your GnuPG passphrase, and the email will be sent with a GnuPG signature block.
If you chose to encrypt the email, a dialogue box will appear for you to select the people to whom you wish to encrypt the email. This list will contain all those people who's public keys are held on your keyring. If you wish to encrypt the email to more than one person, select each person whilst holding down the control button.
Whilst you have the GPGOE plug-in running, any emails you open with a double click will be passed to the plug-in. Note that viewing the email in autopreview/preview pane does not pass the mail to the GPGOE plug-in. If the email is neither encrypted or signed, GPGOE will ignore the message, and it will be opened as normal. If the message is encrypted, you will be prompted for your passphrase, successfull provision of which will display the decrypted message in the output window. Should the message have been signed, the GPGOE plug-in will verify the signature against your keyring,and produce a small box to confirm the validity of the signature.
GPGOE is still in fairly early development. It is perfectly usable in it's current form, but it is not without bugs. So long as you have configured the registry properly, you should have very few problems with using GPGOE. Some of the common problems / errors and bugs are discussed here. Please check this document frequently to see if a problem you are experiencing is due to a known bug.
Firstly, thanks to Timo Schulz <email@example.com> for producing the GnuPG Outlook Express plug-in (GPGOE), and the whole of the WinPT team for their hardwork in bringing opensource privacy to a Windows desktop.
Also, thanks to the whole GnuPG team <http://www.gnupg.org/> for their hardwork, and dedication to the free software philosophy.
If you have contributed to this document and/or the GPGOE plug-in, and feel you should be included in these credits please accept my apologies; drop me a mail and I'll add you to the next version.
This document was produced by Lee Evans <firstname.lastname@example.org>. All content is to be considered the property of the GPGOE plug-in developers to distribute/licence as they please.