Episode: 3467
Title: HPR3467: Protonmail in the terminal
Source: https://hub.hackerpublicradio.org/ccdn.php?filename=/eps/hpr3467/hpr3467.mp3
Transcribed: 2025-10-25 00:01:02

---

This is Haka Public Radio episode 3467 for Tuesday the 16th of November 2021, today's show
is entitled, Proton Mail in the Terminal, it is the first show by New host D&D, and is
about 38 minutes long, and carries an explicit flag, the summary is, one way of doing Proton
Mail in the Terminal.
Hi, this is D&T, this episode is a response to 3431 by black colonel, the one called
Living in the Terminal, because he talked about doing his email in the Terminal and being
a Proton Mail user, so after a little while I did find a way to do it that's working out
okay for me, so I thought I'd make this first episode that I'm posting about how I'm
doing that.
Here are the applications I use in the Terminal in combination to read and send emails, so first
of all of course Proton Mail Bridge, that is run in T-mux, then for syncing, I use iSync,
whose command is actually MbSync, you can also use offline iMab, which is written in black
colonel's favorite language Python, then next the not much application is what tags and
searches emails, it uses some other application for the actual indexing of the emails themselves,
not much itself is more about the tagging of the emails, then a few is an application for
moving around email files, and then it's got like some filters that are run automatically,
I mean that you can run them on the command line, but I just have them run as hooks in not
much and in this script that I run to update everything to sync everything, then a lot
is the actual Mail user agent, so to speak, that's the one where you read your emails and
where you send emails, and you can also do other operations like tags stuff, and of course
do not much searches as well, so it's like a front end for not much, which is usually otherwise
run only on the command line, and then MSMTP is what sends the messages, and W3M is the text
based browser that actually reads HTML emails and shows them in a decent readable form in a lot,
you can use whatever other command you choose, it works by a mail cap, so you just put a mail cap
entry, and I'll show you later I've got this function, like a shell function that's in the
ZSHRC file that tells it to open a lot after populating the mail cap file with the command I want,
depending if I want to open my HTML emails in, well all the emails actually in an actual browser,
in my case cute browser usually, or in the text browser W3M, so next three shell functions that I
put in my RC file, yeah that's one of the things I learned from the episode, from black kernel,
is I didn't realize that you could just define a function in your RC file and then just call it
your shell like it's a command, so I have a bunch of I have a folder full of scripts that I
maintain for you know part of my shell environment basically, and so now I see that I could just put
them in, there are several of them that would make sense to instead of have them as actual scripts,
just have them in the RC file much simpler, and also another thing that I like is that you can type
which, and then the command, and whereas normally it'll tell you the path to the script,
if it's a function in your RC file that'll just print out the whole function which I think is
way better, anyway, so for a little while I was using move4e in emacs, that's move is the name
of the application and move4e is like the emacs module to use it, and it's not bad but it looks
like in RC Linux, it means you have to get move from the RC user repository, and then also the
doom emacs, I use doom emacs, it's an emacs configuration, and it seems like they're always
changing their email module, and a few times it stopped working on my computer so,
and also it just wasn't that great, and I kind of wanted to move the email out of emacs just to
not do so much in emacs, you know, though emacs is the editor that does everything else that
edits text, and also does everything else, doesn't mean you want to do everything else in it,
so, anyway, I got tired of that and started looking for a way to just do email in the terminal,
in just the simplest way I could find, so this was it, it wasn't simple to set it up, but it's
been simple to use, so of course everyone's heard of mut, but for me, so far the initial onboarding
for that has been a little too much, you know, setting up that configuration file, and also
like much of email, you know, it's like email applications in the terminal specifically,
certainly in the terminal, they really reflect how fragmented and messed up email is,
you know, even mut, you use, there's like mut dash not much, to use not much searches as
virtual folders in mut, so yeah, it seems like everything is actually using like three other things
in the background, and so yeah, like I listed here, I'm using nine different, eight different
applications to just read my damn emails, that's how crazy that is, but anyway, the way I finally
got a set up works okay, and I'm liking it, so, anyway, so I don't doubt that one day I will move
too much, perhaps, but so far this is working pretty well, mainly the drawback of what I'm doing is
not much, and a lot, they kind of, by default, they don't really care where your messages are,
and there's not really an easy way to move messages from one director to another,
not much kind of wants to just treat all your emails, all your directories, everything in all
of your mail directories, they just want to treat as one thing, as just one big repository,
and I kind of like that too, I actually keep my local folder of mail is just one folder,
and then I just have tags in it, the way you can overcome that is with the application of few,
which can automatically run queries, not much queries, in certain folders, and then move
the returned files to another folder, you can define those rules per folder, and we'll go through
the ones I've made, so, moving on, the mail user agent is a lot, which has a terminal based
interface, relies primarily on not much to find messages to show you, you can choose your own send
mail editor and address book commands, I use MSMTP, them and card respectively,
card is k-h-a-r-d, so, when you're composing a message, you can get tab completion for your contacts,
it renders your plaintext emails very nicely, this a lot, I mean, you know, it color codes everything
to help you keep track of the replies and all that, the inline replies,
and then I'll quick aside about this, after when you start, when you subscribe to some hacker
mailing lists like this, you notice how people reply in line like that, and then finally you
understand what Google was trying to do with Google Wave way back when, which was supposed to
be going to replace email entirely, right? So, yeah, this way of communicating via email that we
see a lot of people do in mailing lists about open source projects, it's pretty interesting
replying inline like that in the middle of the other person's email, and then you are kind of
collectively building this one document, it seems, which is kind of what Google Wave was, anyway,
moving on. So, it renders your plaintext emails pretty nicely, also shows HTML email as well
with W3M or your choice of a text-based browser, and it can also open them in a regular web browser
if you have an accession running, not much is for tagging and searching in a mail directory,
which you may know is a way to store emails in which message, each message is one file,
its main subcommands for not much are not much tag and not much search, with tag you give
it a query and some tags to add and or remove, with search you give it a query and some information
about what kind of output you want, two key things to know about not much is like I said before,
it doesn't really care where your messages are stored, you tell it where your messages are,
it'll pick up everything in the subfolders and it'll just kind of treat them as one big repository,
now there are ways to query by the subfolder that the messages are in,
if you use it you kind of understand that it's not really what it's meant to do,
it also doesn't not much, it doesn't really care about individual messages, it cares about threads,
so that can sometimes be a little confusing because although the individual messages can be tagged,
like I mean whenever you tag a message you tag a message, not the thread,
but if only one message in a thread has a certain tag, a search for that tag will return every
message in that thread, so the way not much determines what thread a message belongs to is a little,
is also somewhat greedy, for example I once started a reply in a lot and then I decided it was
not a reply after all, so I rewrote the subject line, my sent message after that, after sending the
message, the message was still added to that thread, so I deleted and re-imported the message into
not much, into not much as a repository, a few times before I finally got it to recognize as
its own new thread, not a reply to the first thread, and I found in the end I removed information
from the message headers and stuff, and in the end just from the quoted text below,
it knew to add that message to that existing thread, which I thought was kind of impressive,
but also maybe a little too greedy, because normally there's an entry in the headers that tells you
what the original message was, right, but anyway even removing that, it's still found the original thread,
all right, so you might sometimes have a thread that contains messages that are in different
male directories, and not much does not care about that, you'll show you all of them,
it won't show you the folder the message is in, also, like in its default output, you can of
course get the file path as an output, which in that case you will see where the message is, but
by default it won't give you that, so anyway, and you can narrow your search by what's in a folder,
by using the queer folder colon that folder that it's in, I wouldn't go as far as saying that
the relative disregard for folders is a downside, in a way it's one less thing for you to be aware of,
you know, and also folders in emails are very often not really folders, they're labels, right,
in modern most things like Gmail and stuff, the folders aren't really folders,
especially, you know, because the thing that shows you that they're not is because there's that
stupid all male folder that pulls in everything, so, so basically the thing that I, all right,
so about proton male, so proton male honestly has been kind of a disappointment for me, I wish I hadn't
switched to it, the only thing I like about it is the domain pm.me, which is very short, I like that,
but yeah, it has several problems, you know, recently there was someone, there was a post on
hacker news about how, about password managers, and they basically argued that you shouldn't use
a password manager that works, that's a browser extension, right, because browser extensions are,
you know, a security risk, but also he, the person that wrote it, wrote what I found interesting
was they wrote about how any service, any hosted service that says it's end to end encrypted,
it can basically be, since you don't control the code, you don't upgrade it yourself and all that,
you know, some hacker or some state agent could take control of the service and then update the code
to a compromise it, so sure like your messages supposedly are saved, they're encrypted with your
GPG key and you only have the passphrase for that key, that's all great, but you know, the code could
conceivably be changed to save a copy of your messages once you go and decrypt it, just go ahead and
save a copy of them in plain text as well, because I want to look at them, you know, that could
conceivably happen, so in a way that kind of means these claims about end to end encryption,
are kind of flawed, you know, and also we have to consider, you know, in proton mail, I have never
written a message, I mean maybe once or twice I have messaged someone who also had a proton mail
account, and you know how many of us have GPG keys and have thought about the whole GPG encrypted
email thing, but have never actually communicated with end GPG encrypted email, that's another thing,
so I've just come to the conclusion that, you know, I still don't really trust the proton mail
server, I don't really want to have my emails in some server, so I always, from time to time,
I always move the messages to a local folder here, when I don't need them anymore, but I want to keep
them, I just move them, and I don't keep them in the server, because I don't need it, so
so I could as well do the same thing with a Gmail account, you know, but then there are other
this disadvantages like Gmail, I think gets a lot more spam than other stuff, I get very little
spam in my proton mail account, so and I think that's not just because it's been around for
last time, I think, you know, I don't know, Gmail accounts, I think get more spam, so you rely
more on the Gmail built-in spam filter, and all right, moving on, so yeah, proton mail, the
you know, proton mail bridge kind of sucks, and the way they implemented their iMap thing
is not great, you get your messages, like say if you delete a message from a folder,
it'll, even if you delete it from the trash, it'll still end up in that all mail folder,
with no tag, which is just crazy, like if you open your all mail folder in proton mail in the
web app, the folder that the messages are in are up here kind of like as if they were a tag,
you know, so but then you have the archive folder, you have the trash folder and inbox folder,
all those things, if you delete a message via iMap from the trash or from whatever folder,
then the message will show up in your all mail folder with no little tag there, so it's like
it's in no folder, it's just floating in your, you know, it's like on the floor I guess, so
what is that, and so these aren't folders then, you know, so the only way to delete a message from
proton mail is to move it to the trash and then to go to the web app or your mobile app and empty
the trash, that's really stupid, and even in Gmail, you can, you can configure it to,
to, you know, once a message is deleted from the last iMap folder, just deleted, you can do that
and it works fine, but not proton mail, proton mail, you know, it keeps, it just puts it on the floor
and it's there forever if you don't go and take care of it, so, you know, several disadvantages
there, that means you have to sync the trash folder which otherwise you wouldn't have to
so that you can via iMap move messages to the trash and then later at some point you have to go
on their web app or the mobile app and empty the trash, so yeah, here a quote from the article
about password managers, um, despite what your vendor says, if their network is compromised,
the attacker can read your passwords, here are some selective marketing claims from password
manager vendors, no one apart from you and not even us has access to your passwords, we keep
your information private, secure, and hidden even from us, your data is secured in a way that
only you can view it and manage it, our employees can't, these claims are all nonsense,
an attacker or malicious insider in control of the vendor's network can change the code that
is served to your browser and that code can obviously access your passwords, this isn't far fetched
altering the content of websites, um, defacement is so common that it's practically a sport,
the reality is that you have to trust your vendor to maintain their infrastructure and keep
it safe, the existence of encryption, bank grade or not does not alter this, perhaps you think
this isn't a big deal, you already trusted them when you installed their software, fine,
these claims are front and center in all marketing, so vendors must believe their customers care
I think these claims are bending the truth to a swage legitimate concerns and quote,
yeah, the, you know, the writer argued that any service that stores your data and says it's
into end encrypted, if you don't control the server at the end of the day someone like a state
actor could compel the company to release an update which we won't hear about and put an end
to end to end encryption, so combined with the reality that most of our emails arrive to proton
mail unencrypted anyway makes me seriously doubt the validity of any of these privacy-focused
email services, so yeah, like I said the reason I'm still on proton mail is just because I don't
want to change my email address again, but if I could I would, I mean if I could pay for an email
company that implements a very straightforward IMAP with folders, you know, no all mail folder,
and then, and you know, it's an independent company that, you know,
that I feel confident about or whatever, that I could pay I would, it would not have to have
end to end encryption, good luck finding such a service, all right, so I've got this
function that's in the show notes called sync mail, I run it from the command line,
so first, so I'll come in, I'll run the alias pmb which starts a new tmux session
running the proton mail bridge CLI, and then that'll be running in tmux, and then
immediately I do sync mail, and then here's what sync mail is going to do, first it'll archive
messages, so that means it'll take emails that I have tagged with the tag archive,
and it'll copy them to a local archive folder, and it'll, I've written it to use our sync to do
this, you can have not much search, give you the files with the full path separated by null characters,
and then you can type that to our sync and you can set it to read in,
with having the null character as the separator, and you have to also give it the no capital R option,
which is no recursive, so it won't copy the files with the full path, it'll just copy the files
alone, and that's important because you may have files tagged with the word archive in multiple
different directories, and we just want to pick them up and just dump them in the archive directory,
so for the search query, obviously we'll have to do tag archive and not folder archive,
because I want to copy there only the mails tag archive that are not already in the archive folder,
so then after that it'll use a few to move mails, so there's a configuration file for a few,
that you can put in your regular config folder, that defines what are the operations you want to do,
I'll read through those later, then after it does this, it runs mb-sync to actually synchronize
all the mailboxes with the iMap folder from proton mail bridge, and then finally it runs not much
new to update the database, it just reads the mail directories and updates not much as database,
and then there are also hooks that run before and after not much new, I think I only use the
post hook, I don't think I use the pre hook, I think I moved those operations to this command here,
to this function, and likewise I could move the post hook operations to the function as well,
and they'll probably be good to make them more readable, so now a few operations that it does,
so you've got to have the myconfig file is in the show notes as well, so you can have a look there,
you have a section called mailmover in which you define what folders we want to work on,
what folders we want to look for, mails to move in, so because I use mb-sync I have to use this
option rename true, because of how mb-sync works, it doesn't matter to get into it here, so then
then finally you have a bunch of the actual operations that you want for each folder, so like in the
folders item I listed all the mailboxes, all the mail directors that I want to look into,
so PM for proton mail, slash inbox, PM slash scent, PM slash mailings, which is where most of the mail
I get goes, it's kind of like the newsletters and things like that, then PM slash archive,
and PM slash trash, and finally Gmail slash inbox, because I also have a Gmail account,
so then after that I list PM slash inbox equals, and then you can have a series of
structures like this, just space separated, that are in single quotes, the not much query,
and then colon, and the director you want to move the resulting messages to, so for example PM slash
inbox equals single quote tag killed, or tag archive colon, PM slash trash, so any message that
has the tag killed, or the tag archive, I want to move it to the trash folder, and this is valid
only for messages that are in the inbox folder, right, so now obviously tag killed, it's
easy to see why I would want to move it to the trash, but I also include tag archive because
you may recall then, and the first step of my function actually copied files with the tag archive
to a local archive folder, so once I have a copy of that message in my local archive folder,
I don't want it wherever it was in proton mail, so I'll move it to the trash, the reason I'll do
that is because as we know, if I just delete it, it'll be left on the floor, so then I have similar
entries for the other folders in proton mail, and then finally I have the Gmail slash inbox,
I don't delete it, sorry, the query is tag killed, so if this thing finds a message in Gmail slash
inbox with the tag killed, it'll move it to my local trash folder, and what that'll do is the message
will be my trash folder, where I can keep it for as long as I like, and since it'll be gone from
the Gmail inbox, it'll just be deleted from there, it won't be left in the all mail folder or
anything like that, that's because I configured my Gmail account to once mail is removed from the
last IMAP folder, just delete it, makes perfect sense, doesn't it, so anyway read through that
configuration, and you'll see what I'm talking about, so after the a few command, we'll do
MB sync, that'll you know, it'll push all the changes that we just made based on the tags,
we'll push them all to proton mail and we'll pull any changes there, and I'll also share my
MB sync RC file, which has some configurations there of note, specifically I have the proton
mail trash folder, there's an option sync, and I have it as push new, so what that'll do is if there
are new messages in the remote trash folder, I don't need them, just don't send them to me,
the sync push new option will only push new messages in the trash, so if I delete a message in
my local trash, my local copy of the proton mail trash, if I delete anything, it won't be deleted
from the proton mail trash, and so what that means basically is if I found on the phone, on the
mobile phone, in I get a message in proton mail, if I just delete it, if I just send it to the trash
in the mobile app, it will never be downloaded when I sync my mails here, because I've already
trashed it, I don't want it, so that does that, that's all actually, anyway you can have a look at
the whole thing and the show notes if you want, I also have my MSMTP configuration file here,
which is pretty simple, nothing much to talk about here, you can set a bunch of things here,
note that all in all of my configuration files, I have all the passwords obtained from pass,
so for example, an MSMTP, you have a configuration password eval, and you can just make it a
command, a shell command that will return the password, so of course that will pass space proton
mail bridge, just to get my proton mail bridge, I'm at password, so going back, so finally
about opening messages in a lot, so what you need is you need to populate the dot mail cap file
in your home folder, it has to have this line that says for example text slash HTML, semicolon,
cube browser, percentage s, semicolon, and a bunch of other stuff, so what I did was I created
a function in my zshrc file, that's called a lot, and then as its first argument, if I have the
string dash x for accession, then it'll echo the line, and it'll send it to the mail cap file,
it'll echo the line that has the cube browser command to open the message in cube browser,
and if it does not have that, so else, it'll echo the line that uses w3m to open mail cap, so
that means if I run a lot, alot, when I open messages, they'll open in the terminal, and convert it into
plain text, even when they're HTML messages, and if I do alot space, x, and I run it like
that, then I'll get alot the same way, but when I open a message, it'll open a cube browser window
and show me the message there, and it'll render it nicely there, the only thing I've seen so far
that still doesn't render right, is this message from the usboso service that I get every day with
the mail that I'm going to get today, it doesn't show the images for some reason when I open them in
cube browser, yeah I think that's about it, so this was my first episode of hacker public radio,
hope it made sense, please leave a comment if there's anything that didn't make sense,
also leave a comment if you know of a better way to do any of this,
sorry that it's so much of it is in Python, that's for black kernel, so,
and yeah, so the other day I sent an email message to the hacker public radio newsletter,
and I had the honor of having it read by Dave Morris in the community news later on,
so DNT is actually, it doesn't really originally stand for do not translate, it comes from my name
actually, but when I created the email account, it wouldn't let me do just three letters, so
I decided to type out do not translate, which is an acronym, usually it's written as DNT a lot of times,
I work with software localization, so DNT is kind of a, it's sadly common to have
monolingual developers or UX designers, or however, just decide that something should not be
translated, DNT though, right, and then yeah it's if you're a support agent trying to help a
customer in another country, non-English speaking, and then all of a sudden you run into some
monstrous do not translate word, that's like a, oh it's a feature name, or you know whatever,
whatever ridiculous reason, less not translated, let's just throw these English words at people,
so yeah, it's something that kind of irritates me and I suspect others who also work in localization,
should always let the, you know, people in the countries, or at the very least people with
language knowledge decide what should or shouldn't be translated, anyway, so do not translate is fine,
though, I'll go by DNT here, and that'll be just fine, so yeah, later I'll have a look at my
other episode that I already recorded about porridge, maybe it'll become one of the emergency
shows, hopefully it'll never be posted in the main feed, and I'll try and put out some other stuff
too, thanks everyone.
You've been listening to Hecker Public Radio at HeckerPublicRadio.org. Today's show was
contributed by an HBR listener like yourself. If you ever thought of recording a podcast,
then click on our contributing to find out how easy it really is. Hosting for HBR is kindly
provided by an honesthost.com, the internet archive, and our sync.net, unless otherwise stated,
today's show is released under a creative commons, attribution, share like 3.0 license.