-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 . I seem to be the only one on the globe with this problem. When I encrypt a message using KMail and GPG, to an Outlook user, they invariably get a message, "encrypted session key is bad". Checking Google there is some confusion, but the most credible answer (from Disastry) is this is: "probably because of MDC. GPG uses MDC with AES,Twofish. however 6.5.8ckt06 should be able to decrypt Blowfish encrypted msgs. "you can disable MDC with --openpgp switch. then 6.5.8ckt06 should be able to decrypt all ciphers. "> P.S. Disastry... what's MDC and why does GnuPG use it? "Modification Detection Code, generaly SHA1 hash of message appended to message before encryption." OK, so the problem is messages are being encrypted with the wrong algos. Algo order is hard-coded in GPG, and I'm not going to change/recompile. I want to stay as standard as possible. So the answer is to set the switch --openpgp . After a full day of research I have ascertained that KMail uses code fragments from the old KPGP... actually .css , to hook GPG. I need somewhere to tell GPG to use the --openpgp switch. Normally this would be in the ~/.gnupg/options file , but I added the line openpgp and it has no effect. So GPG must be getting called with a different config, maybe via an environment variable. Another option is to have the KMail|GPG interface use --openpgp as an option to the invoking command, but I cannot find this interface anywhere. I believe Geheimnis is the successor to KPGP, so I installed it from the Suse8 disks. Started it up, and it wanted to be configured. JOY, there is a place to modify the commandline, although I do not know whether this is the same commandline invoked by KMail. So I set up Geheimnis, leave it running and send an email encrypted. Whoops, still bad sessionkey. AND when I stop and restart Geheimnis it forgot I had already set it up! It is not writing its ~/.geheimnis file. It was running as my user, but it couldn't/wouldn't write to my user dir. Could this be related to KMail not reading its config file, as I noted in my post titled, "KMail ignoring config file"? Seriously considering going back to Netscape mail. Too scared of Evolution's bugs. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjzyTngACgkQnQ18+PFcZJuWFgCeJgUcqm+Zmmx21jNfV+W+792v jAYAn2WId6C2soILzmXp0LMFxQyl3OYz =1bOq -----END PGP SIGNATURE-----