Re: [Djigzo users] Issue with S/MIME decryption most likley caused by Exchange attaching corporate signatures
On 04/20/2018 06:08 PM, Martijn Brinkers wrote: > > Opaque signed are signed message but in encoded form and require a mail > client that supports S/MIME. Clear text signed messages can be read with > a non S/MIME aware mail client. Outlook opaquely signs a message before > encrypting it. > > Can you check with a mail client that supports S/MIME (Thunderbird, > Outlook etc.) whether you can read the message? > > If the message is opaquely signed, the "solution" is to have ciphermail > remove the signature. The result in then a normal message. > Looked good in first tests. Thanks for helping out. Best regards Olaf ___ Users mailing list Users@lists.djigzo.com https://lists.djigzo.com/lists/listinfo/users
Re: [Djigzo users] Issue with S/MIME decryption most likley caused by Exchange attaching corporate signatures
On 16-04-18 17:27, Olaf Schwarz via Users wrote: Hi all, I have an issue with the decryption of S/MIME mails, and hope someone can be of help. To be honest I did not got very deep down the rabbit hole with this one, as I expect it to be a common problem someone else might already have solved. Issue description: S/MIME mail is decrypted but given back to the mail queue as an empty mail with an attachment called "smime.p7m". This attachment includes the message in plain and certificate information. But this does not happen with all S/MIME encrypted mails. Ciphermail Version: Version: 3.3.1-0. Built: 2017-10-07-08:36. Current thoughts: I guess this might be related to mails which are signed\encrypted by a local client and the corporate exchange server adds corporate text signatures to that mail. ( like the "think before print " or legal disclaimers) CipherMail contains code to gracefully handle S/MIME unaware disclaimer software, i.e., CipherMail can detect whether a disclaimer was added to an S/MIME message, thereby creating a non S/MIME message, and repair the message. It does this by changing the smime message into an attached message (application/rfc822). Looking into the mails after ciphermail has decrypted them shows the following difference: Mails that get decrypted to empty message and "smime.p7m" attachment shows: Content-Type: application/x-pkcs7-mime; Mails decrypted correctly: Content-Type: application/pkcs7-mime; The Content-Type application/x-pkcs7-mime is the old content type for S/MIME messages. Some email clients like for example Outlook still use the old style headers. application/pkcs7-mime is the new style headers for S/MIME. Thunderbird and CipherMail are using the new style headers. The difference in content type should not be the reason why certain emails fail. Can you share the MIME headers of the message that failed? Kind regards, Martijn Brinkers -- CipherMail email encryption Email encryption with support for S/MIME, OpenPGP, PDF encryption and secure webmail pull. https://www.ciphermail.com Twitter: http://twitter.com/CipherMail ___ Users mailing list Users@lists.djigzo.com https://lists.djigzo.com/lists/listinfo/users
[Djigzo users] Issue with S/MIME decryption most likley caused by Exchange attaching corporate signatures
Hi all, I have an issue with the decryption of S/MIME mails, and hope someone can be of help. To be honest I did not got very deep down the rabbit hole with this one, as I expect it to be a common problem someone else might already have solved. Issue description: S/MIME mail is decrypted but given back to the mail queue as an empty mail with an attachment called "smime.p7m". This attachment includes the message in plain and certificate information. But this does not happen with all S/MIME encrypted mails. Ciphermail Version: Version: 3.3.1-0. Built: 2017-10-07-08:36. Current thoughts: I guess this might be related to mails which are signed\encrypted by a local client and the corporate exchange server adds corporate text signatures to that mail. ( like the "think before print " or legal disclaimers) Looking into the mails after ciphermail has decrypted them shows the following difference: Mails that get decrypted to empty message and "smime.p7m" attachment shows: Content-Type: application/x-pkcs7-mime; Mails decrypted correctly: Content-Type: application/pkcs7-mime; Thanks in advance for any hint/help. olaf 0x0178B4C64D2C73C2.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature ___ Users mailing list Users@lists.djigzo.com https://lists.djigzo.com/lists/listinfo/users