Certificate not extracted when recipient has no certificate

Hello

it looks like our Djigzo installation does not extract certificates
from incoming mail if the recipient does not have a certificate/key.

We have a internal domain configured to remove digital signature from
incoming mail and all mail is routed through this gateway. If i send a
digital signed mail from external to a internal user with a
certificate/key in the djigzo keystore the external certificate gets
extracted and added to the keystore. If i send to some other internal
mailadress (alias for the same mailbox) which don't have a
certificate/key the external certificate does not get added to the
keystore?

What have i done wrong?

Version is 2.0.1-0

Regards

Andreas

It's related to "strict mode" BTW. In strict mode the certificates
don't get extracted while without strict mode it works as expected.
This is not intended behaviour, no?

Regards

Andreas

Hi Andreas,

Good catch! you are right this is a bug. In strict mode, all the
matching keys for the recipients are looked up and only those keys will
be used for decryption. The side effect of this is that when in strict
mode and the recipient does not have any keys and the message is only
signed, that the message is not handled by the S/MIME handler and
therefore the certificates are not extracted.

This will be fixed in the upcoming version.

Thanks,

Martijn

ยทยทยท

On 01/-10/-28163 08:59 PM, lst_hoe02(a)kwsoft.de wrote:

It's related to "strict mode" BTW. In strict mode the certificates don't
get extracted while without strict mode it works as expected. This is
not intended behaviour, no?

--
Djigzo open source email encryption