Hi,
A couple of days ago I’ve heard about Delta Chat, and for once I got thrilled with some piece of technology again. At the surface it’s just a chat app to the likes of Telegram, Signal and WhatsApp. The exciting part, however, is that is uses plenty of open standards technology under the hood. It’s a chat app built on top the regular e-mail protocols, SMTP and IMAP, with a sprinkle of PGP to make it end-to-end encrypted.
It has the same secure initial key exchange issue that PGP e-mail has, but at least now we have an interface that is straight up easy to use, specially for people outside of the infosec world. It support rich media (images, videos, voice messages) and even groups (untested, but I assume it won’t allow newjoiners to read old messages).
What makes me so excited about this is that each message is sent as a plain e-mail message. One MTA sending an e-mail to another MTA. Simple, old, functional. I know e-mail, I have my own server, I can just go to my maildir and read everything. Can I?
Reading Delta Chat messages from the mail server
I’ve used the iOS app for my initial tests, and you can absolutely export your entire chat history decrypted in the app, but I want to prove this point to myself. Let’s try with a message found in my maildir:
Return-Path: <client2@example.com>
Delivered-To: client1@example.com
Content-Type: multipart/encrypted; protocol="application/pgp-encrypted";
boundary="183d0f93c6372f58_1fb940b49edbf5c5_64e1f6b034240ef1"
From: <client2@example.com>
To: <client1@example.com>
Subject: [...]
Date: Tue, 6 May 2025 21:07:17 +0000
Message-ID: <0b5a2c48-472d-45b9-8096-219313f5dea1@localhost>
In-Reply-To: <3325e202-0957-4fd3-ae69-1a8fa94c16ba@localhost>
References: <51784fab-1af1-4ad3-a0b6-a868bd2ad685@localhost>
<51784fab-1af1-4ad3-a0b6-a868bd2ad685@localhost>
<3325e202-0957-4fd3-ae69-1a8fa94c16ba@localhost>
Chat-Version: 1.0
Autocrypt: addr=client2@example.com; prefer-encrypt=mutual; keydata=[...]
--183d0f93c6372f58_1fb940b49edbf5c5_64e1f6b034240ef1
Content-Type: application/octet-stream; name="encrypted.asc";
charset="utf-8"
Content-Description: OpenPGP encrypted message
Content-Disposition: inline; filename="encrypted.asc";
Content-Transfer-Encoding: 7bit
-----BEGIN PGP MESSAGE-----
hF4D6OmtN[...]s9SkewYsB
-----END PGP MESSAGE-----
--183d0f93c6372f58_1fb940b49edbf5c5_64e1f6b034240ef1--
I recognize these PGP MESSAGE headers. Where is the private key? In the backup I’ve exported before. It can be extracted with this command:
sqlite3 dc_database_backup.sqlite 'select hex(private_key) from keypairs limit 1' | xxd -r -p > deltachat.key
Decrypting the PGP message with the exported key, sure enough, reveals our content:
Content-Type: text/plain; charset="utf-8"; protected-headers="v1"
From: "Test 2" <client2@example.com>
To: "Test 1" <client1@example.com>
Subject: Re: Message from Test 1
Date: Tue, 6 May 2025 21:07:17 +0000
In-Reply-To: <3325e202-0957-4fd3-ae69-1a8fa94c16ba@localhost>
References: <51784fab-1af1-4ad3-a0b6-a868bd2ad685@localhost>
<51784fab-1af1-4ad3-a0b6-a868bd2ad685@localhost>
<3325e202-0957-4fd3-ae69-1a8fa94c16ba@localhost>
Chat-Version: 1.0
Chat-Disposition-Notification-To: client2@example.com
Chat-Verified: 1
Message-ID: <0b5a2c48-472d-45b9-8096-219313f5dea1@localhost>
Content-Transfer-Encoding: 7bit
Hello world!
Outro
I’ve tested Delta Chat with my own mail server, which uses Postfix and has everything configured for public e-mail, like DKIM signing, spamd, IP blocklist checks and so on, and each message took about 2 seconds from one device to another. Using a public server it sure feels below 300ms, so there is room for improvement when self-hosting a dedicated chatserver.
I really love this, and I apologize in advance to my friends whom will be pestered to move to Delta Chat.
Thank you!