PDF encryption with static password stops working

Gateway
1

Hello,

we have a problem using the PDF encryption with static password it just stops working.
After a period of time the password does not work anymore and even after reseting to the same one, it does not work.

Thank you in advance

2

Can you check whether the validity interval setting for the user is set to a different value than 0

https://www.ciphermail.com/documentation/gateway-administration-guide/settings.html#password-validity-interval

3

Initially it was 0. After it exipred we changed it to -1 and it still doesn’t work.
We use the passwords on domains, and even tried readding the domain, but it still didn’t help.
Even another password didn’t work. After it expired once for a domain, we can’t set it again to the same oder another password.

4

Initially it was 0. After it exipred we changed it to -1 and it still doesn’t work.
We use the passwords on domains, and even tried readding the domain, but it still didn’t help.
Even another password didn’t work. After it expired once for a domain, we can’t set it again to the same oder another password.

5

Can you send the relevant MPA log lines?

If you cannot attach them here, you can email it to me (Martijn@ciphermail.com)

6

A censored version of such an example.
The log says that the password is used for pdf encryption, but the password which is used to encrypt is a different that the password set in the settings for the domain.

02 Jun 2023 13:10:00 | INFO incoming; MailID: a2d4123c-9702-4bf1-a897-8aff31468b25; Recipients: [xxx@domain.tld]; Originator: xxx@domain.tld; Sender: xxx@domain.tld; Remote address: x.x.x.x; Subject: xxxx ###; Message-ID: 8ca29b2e80444cf4b82b461eb9fcef1e@domain.tld; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2]
02 Jun 2023 13:10:00 | INFO Subject filter is disabled for the sender; MailID: a2d4123c-9702-4bf1-a897-8aff31468b25; Recipients: [xxx2@domain2.tld] (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
02 Jun 2023 13:10:00 | INFO To external recipient(s); MailID: a2d4123c-9702-4bf1-a897-8aff31468b25; Recipients: [xxx2@domain2.tld] (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
02 Jun 2023 13:10:00 | INFO DLP is disabled for the sender; MailID: a2d4123c-9702-4bf1-a897-8aff31468b25; Recipients: [xxx2@domain2.tld] (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
02 Jun 2023 13:10:00 | INFO The subject contains the “must encrypt” trigger for the sender and will therefore be encrypted; MailID: a2d4123c-9702-4bf1-a897-8aff31468b25; Recipients: [xxx2@domain2.tld] (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
02 Jun 2023 13:10:00 | INFO “phone number on the subject” is not allowed for the sender; MailID: a2d4123c-9702-4bf1-a897-8aff31468b25; Recipients: [xxx2@domain2.tld] (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
02 Jun 2023 13:10:00 | INFO must encrypt mail attribute is set; MailID: a2d4123c-9702-4bf1-a897-8aff31468b25; Recipients: [xxx2@domain2.tld] (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
02 Jun 2023 13:10:00 | INFO There are no valid S/MIME encryption certificates for the recipient(s); MailID: a2d4123c-9702-4bf1-a897-8aff31468b25; Recipients: [xxx2@domain2.tld]; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2]
02 Jun 2023 13:10:00 | INFO PGP is disabled for the sender; MailID: a2d4123c-9702-4bf1-a897-8aff31468b25; Recipients: [xxx2@domain2.tld] (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
02 Jun 2023 13:10:00 | INFO Recipient(s) have valid PDF passwords; MailID: a2d4123c-9702-4bf1-a897-8aff31468b25; Recipients: [xxx2@domain2.tld] (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
02 Jun 2023 13:10:00 | INFO Message will be PDF encrypted; MailID: a2d4123c-9702-4bf1-a897-8aff31468b25; Recipients: [xxx2@domain2.tld] (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
02 Jun 2023 13:10:00 | INFO “PDF sign email” is disabled for the sender; MailID: a2d4123c-9702-4bf1-a897-8aff31468b25; Recipients: [xxx2@domain2.tld] (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
02 Jun 2023 13:10:00 | INFO “encryption notification” is disabled for the sender; MailID: a2d4123c-9702-4bf1-a897-8aff31468b25; Recipients: [xxx2@domain2.tld] (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
02 Jun 2023 13:10:00 | INFO DKIM signing is disabled for the sender; MailID: a2d4123c-9702-4bf1-a897-8aff31468b25; Recipients: [xxx2@domain2.tld] (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
02 Jun 2023 13:10:00 | INFO Message handling is finished. Sending to final recipient(s); MailID: a2d4123c-9702-4bf1-a897-8aff31468b25; Recipients: [xxx2@domain2.tld]; Originator: xxx@domain.tld; Sender: xxx@domain.tld; Remote address: 10.25.100.211; Subject: xxxx ; Message-ID: 8ca29b2e80444cf4b82b461eb9fcef1e@domain.tld; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2]

7

A censored version of such an example.
The log says that the password is used for pdf encryption, but the password which is used to encrypt is a different that the password set in the settings for the domain.

02 Jun 2023 13:10:00 | INFO incoming; MailID: a2d4123c-9702-4bf1-a897-8aff31468b25; Recipients: [xxx@domain.tld]; Originator: xxx@domain.tld; Sender: xxx@domain.tld; Remote address: x.x.x.x; Subject: xxxx ###; Message-ID: 8ca29b2e80444cf4b82b461eb9fcef1e@domain.tld; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2]
02 Jun 2023 13:10:00 | INFO Subject filter is disabled for the sender; MailID: a2d4123c-9702-4bf1-a897-8aff31468b25; Recipients: [xxx2@domain2.tld] (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
02 Jun 2023 13:10:00 | INFO To external recipient(s); MailID: a2d4123c-9702-4bf1-a897-8aff31468b25; Recipients: [xxx2@domain2.tld] (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
02 Jun 2023 13:10:00 | INFO DLP is disabled for the sender; MailID: a2d4123c-9702-4bf1-a897-8aff31468b25; Recipients: [xxx2@domain2.tld] (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
02 Jun 2023 13:10:00 | INFO The subject contains the “must encrypt” trigger for the sender and will therefore be encrypted; MailID: a2d4123c-9702-4bf1-a897-8aff31468b25; Recipients: [xxx2@domain2.tld] (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
02 Jun 2023 13:10:00 | INFO “phone number on the subject” is not allowed for the sender; MailID: a2d4123c-9702-4bf1-a897-8aff31468b25; Recipients: [xxx2@domain2.tld] (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
02 Jun 2023 13:10:00 | INFO must encrypt mail attribute is set; MailID: a2d4123c-9702-4bf1-a897-8aff31468b25; Recipients: [xxx2@domain2.tld] (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
02 Jun 2023 13:10:00 | INFO There are no valid S/MIME encryption certificates for the recipient(s); MailID: a2d4123c-9702-4bf1-a897-8aff31468b25; Recipients: [xxx2@domain2.tld]; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2]
02 Jun 2023 13:10:00 | INFO PGP is disabled for the sender; MailID: a2d4123c-9702-4bf1-a897-8aff31468b25; Recipients: [xxx2@domain2.tld] (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
02 Jun 2023 13:10:00 | INFO Recipient(s) have valid PDF passwords; MailID: a2d4123c-9702-4bf1-a897-8aff31468b25; Recipients: [xxx2@domain2.tld] (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
02 Jun 2023 13:10:00 | INFO Message will be PDF encrypted; MailID: a2d4123c-9702-4bf1-a897-8aff31468b25; Recipients: [xxx2@domain2.tld] (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
02 Jun 2023 13:10:00 | INFO “PDF sign email” is disabled for the sender; MailID: a2d4123c-9702-4bf1-a897-8aff31468b25; Recipients: [xxx2@domain2.tld] (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
02 Jun 2023 13:10:00 | INFO “encryption notification” is disabled for the sender; MailID: a2d4123c-9702-4bf1-a897-8aff31468b25; Recipients: [xxx2@domain2.tld] (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
02 Jun 2023 13:10:00 | INFO DKIM signing is disabled for the sender; MailID: a2d4123c-9702-4bf1-a897-8aff31468b25; Recipients: [xxx2@domain2.tld] (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2]
02 Jun 2023 13:10:00 | INFO Message handling is finished. Sending to final recipient(s); MailID: a2d4123c-9702-4bf1-a897-8aff31468b25; Recipients: [xxx2@domain2.tld]; Originator: xxx@domain.tld; Sender: xxx@domain.tld; Remote address: 10.25.100.211; Subject: xxxx ; Message-ID: 8ca29b2e80444cf4b82b461eb9fcef1e@domain.tld; (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2]

8

What happens if you explicitly set the password for the recipient? Wil it then encrypt with the correct password set for the user?