S/MIME message has been decrypted but sending encrypted!

Hi Martijn,

you saved my day, it works! As you say I can confirm that mails sent from Outlook making this trouble. I already had this suspicion, but never heard about opaque signed mails. Some things are cleared up now.

It doesn't matter for me that signatures are missing, as long as ciphermail is doing all that work.

Many many thnx,


attachment.htm (5.54 KB)


-----Ursprüngliche Nachricht-----
Von: Martijn Brinkers via Users <users(a)lists.ciphermail.com>
Gesendet: Mittwoch 24. Februar 2021 10:56
An: users(a)lists.ciphermail.com
CC: Andreas Studenski <ciphermail(a)webcoding24.com>; Martijn Brinkers <martijn(a)ciphermail.com>
Betreff: Re: S/MIME message has been decrypted but sending encrypted!

Hi Andreas,

My guess is that the emails are not encrypted by opaque signed. S/MIME
signing supports two types of encoding: clear text and opaque. With
opaque signed email you need a mail client which understands S/MIME
signed email. Unfortunately some email clients like for example Outlook
use opaque signing when the email is encrypted. After decryption the
resulting email is therefore opaquely signed. If you mail client does
not support S/MIME you will only see an attachment names smime.p7m.

You can configure the gateway to remove the signature by enabling the
S/MIME advanced setting "Remove signature". This will then convert the
smime.p7m attachment to a normal email.

Unfortunately at the moment this will remove the signature from all
S/MIME emails, i.e., also from the clear signed emails and not just
from the opaque signed emails.

Kind regards,

Martijn Brinkers

CipherMail email encryption
Email encryption with support for S/MIME,
OpenPGP, PDF Messenger and Webmail Messenger

On Wed, 2021-02-24 at 09:48 +0000, Andreas Studenski via Users wrote:

Hi there,

my problem exists for a longer period now. As more and more S/MIME
crypted mails are incoming, situation is getting annoying.
So I started solving the problem, unfortunately without success.

I have internal domains (locality "internal") in ciphermail, S/MIME
certficates including private keys are successfully imported, mail
routing works, everything is running fine except one weird thing:

When S/MIME crypted mails are incoming for my user they will be
decrypted by ciphermail. Logfile is showing "S/MIME message has been
decrypted." and "S/MIME signature was valid", but only crypted mails
are arriving in my inbox.
I have searched for ages now and checked the configuration many
times. Also reinstalled the server. Problem stays the same.
Ciphermail does not decrypt mails.

Anybody knowing this problem?
Many thanks in advance.