If the trust is set to anything less than "ultimately" (e.g. even "full" does not work), gpg will give a prompt, if one really wants to encrypt to that key. This prompt is "short-circuited" when run inside sendmailadvanced, thus no encryption takes place then.
oh, it appears, there is a bug in sendmailadvanced: the default in gpg_recipients must be something to which actually can be encrypted (even though, it will not be used for encryption, if there is another recipient with a usable key).
]]>Yeah, I am sending with sendmailadvanced. I'll try with buildmaster@archlinux32.org in /etc/sendmailadvanced.conf.
This worked! Thanks!
]]>2021-02-02 13:25:22 0 Invalid encryption/signature - ignoring this message. [GNUPG:] NODATA 2 [GNUPG:] FAILURE decrypt 4294967295
2021-02-01 15:07:25 0 Invalid encryption/signature - ignoring this message. [GNUPG:] NODATA 2 [GNUPG:] FAILURE decrypt 4294967295
I tried reporting to another email account of mine, and it works, the mail comes through with the required Subject, and stabilise: hash some-package.pkg.tar.zst.
And there are packages, the list is not empty.
2021-01-31 18:13:33 0 Invalid encryption/signature - ignoring this message. [GNUPG:] ENC_TO 15BAFAA6CE71B11B 1 0 [GNUPG:] BEGIN_DECRYPTION [GNUPG:] DECRYPTION_FAILED [GNUPG:] END_DECRYPTION
2021-01-31 17:23:26 0 Invalid encryption/signature - ignoring this message. [GNUPG:] NODATA 2 [GNUPG:] FAILURE decrypt 4294967295
is me.
I followed eugen-b's guide up above, I was able to get every step upto this:
* Then I (found out that) I had to import the key of the buildmaster@archlinux32.org, I imported C963C94DD204443D
gpg --search-keys buildmaster@archlinux32.org
and set trust to ultimate (enter 'trust' and select ultimate)
gpg --edit-key C963C94DD204443D
That did not work, because the two gpg keys I found for buildmaster@archlinux32.org are expired.
After parsing through the interpret-mail script, I also found archlinux32-buildmaster@eckner.net, but I could not find gpg keys for that either.
I triple-checked my gpg key fingerprint for sanity's sake to make sure I did not give the wrong fingerprint.
Is there something I have to put in /etc/sendmailadvanced.conf? What should that file look like, ideally?
msmtp isn't a problem, because I use it for my email setup, neomutt+isync+msmtp+notmuch. And I can send gpg encrypted messages just fine.
Just to follow eugen-b's instruction's sake, I even uploaded my gpg key to pool.sks-keyservers.net.
And https://archlinux32.org/keys.php?k=C556 … CE9298C296 does show my key, so I doubt there is anything wrong there.