Topal: GPG/GnuPG and Alpine/Pine integration

Copyright (C) 2001--2015 Phillip J. Brooke

Topal is a `glue' program that links GnuPG and Pine/Alpine. It offers facilities to encrypt, decrypt, sign and verify emails.


See the included documentation for all the stuff like licensing, recent changes and instructions.

Release 76

The current release of Topal is 76. Send email to if you would like to be notified of new Topal releases by email.

Files for download

Most recent changes

29/4/2011; release 73
Fix crash when sending attachments with spaces in filenames.
Add new switch, wait-if-missing-keys, which requires the user to acknowledge if keys are missing when defaulting to encryption.
Slightly reorganise configuration menu to keep it within 24 lines.
Update documentation re: crashes related to the second patch and mailcap files.
Topal makes greater efforts to check that external commands exist before running them.
Exception messages are repeated via Ada's exception handling (if Topal panics).
Added decrypt-prereq option. See this note.
Experimental S/MIME sending support added.
More use of GnuPG's --status-fd option so that we can determine exit status properly.
Replaced ancient expanding_array package with Ada.Containers.Vectors.
Adding sendmail-path filter mode. This is needed for the S/MIME encrypted and S/MIME sign+encrypted modes. (Otherwise only Topal can read them; neither Outlook nor Thunderbird will cope with an S/MIME part inside multipart/mixed.) This mode also needs pinentry-qt for gpgsm: pinentry-curses doesn't like this environment.
In the sendmail-path filter mode, we no longer need the content-type guessing. We can simply re-use the content-type from the original header.
Added replace-ids option which can replace Message-ID (and also Content-ID) in sendmail-path filter mode.
The sendmail-path mode can also add a token to help spot our cc'd emails. Use something like st=user@domain,token to set a password. This is hashed with some headers for each email and added to an X-Topal-Send-Token header. Topal then has a -cst token mode which adds a X-Topal-Check-Send-Token header with either yes or no for that header.
Investigation suggests that group addresses are handled other than I expect. E.g., Group name:; in the to: field and the actual list of addresses in lcc field will result in the addresses appearing in the bcc field in sendmail-path filter mode.
Rewrite main documentation in LaTeX: the main manual is now topal.pdf. The change log is still in HTML.
Start adding interoperability notes to manual.
Diagnosing issue with clearsigned (both OpenPGP and S/MIME) emails that have passed through an MS Exchange server being corrupted.
Added opaque signing option for S/MIME.
Added attachment-trap boolean option. In -asend mode, this causes Topal to complain if the message body contains the string “attach” but doesn't have any attachments.
23/6/2011; release 74
Oops, wrong year in release 73 date….
Topal needs GNAT's -gnat05 switch.
Documentation update:
Added include-send-token switch, where 1 never includes them, 2 asks and 3 always includes them.
Warnings about configuration errors now go to stderr, rather than messing up other processing output.
Heuristic for attachment trap is improved. This now copes with the case where the email comprises a single multipart/mixed MIME part.
Some comparisons for content-types are case-insensitive now.
26/2/2012; release 75
Most changes this time are to cope with non-cryptographic meddling for my work environment.
Fix Clean_Email_Address to cope with mailboxes with double quotes and commas.
Added fix-fcc option that modifies a X-Topal-Fcc header. It is encrypted using the send-token for that sender to X-Topal-Fcce. The --check-send-token filter will also reverse this.
Added fix-bcc option that adds a X-Topal-Bcce header. It's handled similarly to X-Topal-Fcce, but records the Bcc contents. The --check-send-token filter will also reverse this. Fix token hashing so that it copes with different outputs from openssl sha1.
22/2/2015; release 76
Add -raw command, that can be used by piping a raw message (with free output) from Alpine. Also usable on an mbox from the command-line.
Multiple documentation updates, including deprecation of the two patches to Alpine, contact email address and copyright dates.

Last generated: Sun Feb 22 16:17:43 GMT 2015