My email client understands S/MIME as long ciphermail is offline and not decrypting opaquely encrypted Mails. So if I send encrypted and signed mails from Outlook directly into my inbox, everything is fine. Only if Ciphermail is decrypting, my email client can't read the mail anymore.
Do you see a chance for upcoming versions of Ciphermail to decrypt opaquely encrypted signed mails into clear text signed mails or give somehow the configuration option?
-----Ursprüngliche Nachricht-----
Von: Martijn Brinkers via Users <users(a)lists.ciphermail.com>
Gesendet: Mittwoch 24. Februar 2021 10:56
An: users(a)lists.ciphermail.com
CC: Andreas Studenski <ciphermail(a)webcoding24.com>; Martijn Brinkers <martijn(a)ciphermail.com>
Betreff: Re: S/MIME message has been decrypted but sending encrypted!
Hi Andreas,
My guess is that the emails are not encrypted by opaque signed. S/MIME
signing supports two types of encoding: clear text and opaque. With
opaque signed email you need a mail client which understands S/MIME
signed email. Unfortunately some email clients like for example Outlook
use opaque signing when the email is encrypted. After decryption the
resulting email is therefore opaquely signed. If you mail client does
not support S/MIME you will only see an attachment names smime.p7m.
You can configure the gateway to remove the signature by enabling the
S/MIME advanced setting "Remove signature". This will then convert the
smime.p7m attachment to a normal email.
Unfortunately at the moment this will remove the signature from all
S/MIME emails, i.e., also from the clear signed emails and not just
from the opaque signed emails.
Kind regards,
Martijn Brinkers
--
CipherMail email encryption
Email encryption with support for S/MIME,
OpenPGP, PDF Messenger and Webmail Messenger
On Wed, 2021-02-24 at 09:48 +0000, Andreas Studenski via Users wrote:
Hi there,
my problem exists for a longer period now. As more and more S/MIME
crypted mails are incoming, situation is getting annoying.
So I started solving the problem, unfortunately without success.
I have internal domains (locality "internal") in ciphermail, S/MIME
certficates including private keys are successfully imported, mail
routing works, everything is running fine except one weird thing:
When S/MIME crypted mails are incoming for my user they will be
decrypted by ciphermail. Logfile is showing "S/MIME message has been
decrypted." and "S/MIME signature was valid", but only crypted mails
are arriving in my inbox.
I have searched for ages now and checked the configuration many
times. Also reinstalled the server. Problem stays the same.
Ciphermail does not decrypt mails.
Anybody knowing this problem?
Many thanks in advance.
I investigated in this case just once more.
My email client understands S/MIME as long ciphermail is offline and
not decrypting opaquely encrypted Mails. So if I send encrypted and
signed mails from Outlook directly into my inbox, everything is fine.
Only if Ciphermail is decrypting, my email client can't read the mail
anymore.
Then your mail client does not fully support S/MIME. An S/MIME opaquely
(i.e., embedded) signed email does look similar to an encrypted email
but it's not the same.
Do you see a chance for upcoming versions of Ciphermail to decrypt
opaquely encrypted signed mails into clear text signed mails or give
somehow the configuration option?
We will investigate whether it is possible to convert an opaquely
signed email to a clear signed (i.e., detached) email. It might be that
this is not be possible without breaking the signature.
Kind regards,
Martijn Brinkers
···
--
CipherMail email encryption
Email encryption with support for S/MIME,
OpenPGP, PDF Messenger and Webmail Messenger
On Thu, 2021-02-25 at 17:49 +0000, Andreas Studenski via Users wrote:
Hi Martijn,
I investigated in this case just once more.
My email client understands S/MIME as long ciphermail is offline and
not decrypting opaquely encrypted Mails. So if I send encrypted and
signed mails from Outlook directly into my inbox, everything is fine.
Only if Ciphermail is decrypting, my email client can't read the mail
anymore.
Do you see a chance for upcoming versions of Ciphermail to decrypt
opaquely encrypted signed mails into clear text signed mails or give
somehow the configuration option?
Best regards,
Andreas
> -----Ursprüngliche Nachricht-----
> Von: Martijn Brinkers via Users <users(a)lists.ciphermail.com>
> Gesendet: Mittwoch 24. Februar 2021 10:56
> An: users(a)lists.ciphermail.com
> CC: Andreas Studenski <ciphermail(a)webcoding24.com>; Martijn
> Brinkers <martijn(a)ciphermail.com>
> Betreff: Re: S/MIME message has been decrypted
> but sending encrypted!
>
> Hi Andreas,
>
> My guess is that the emails are not encrypted by opaque signed.
> S/MIME
> signing supports two types of encoding: clear text and opaque. With
> opaque signed email you need a mail client which understands S/MIME
> signed email. Unfortunately some email clients like for example
> Outlook
> use opaque signing when the email is encrypted. After decryption
> the
> resulting email is therefore opaquely signed. If you mail client
> does
> not support S/MIME you will only see an attachment names smime.p7m.
>
> You can configure the gateway to remove the signature by enabling
> the
> S/MIME advanced setting "Remove signature". This will then convert
> the
> smime.p7m attachment to a normal email.
>
> Unfortunately at the moment this will remove the signature from all
> S/MIME emails, i.e., also from the clear signed emails and not just
> from the opaque signed emails.
>
> Kind regards,
>
> Martijn Brinkers
>
> --
> CipherMail email encryption
> Email encryption with support for S/MIME,
> OpenPGP, PDF Messenger and Webmail Messenger
>
> On Wed, 2021-02-24 at 09:48 +0000, Andreas Studenski via Users > > wrote:
> > Hi there,
> >
> > my problem exists for a longer period now. As more and more
> S/MIME
> > crypted mails are incoming, situation is getting annoying.
> > So I started solving the problem, unfortunately without success.
> >
> > I have internal domains (locality "internal") in ciphermail,
> S/MIME
> > certficates including private keys are successfully imported,
> mail
> > routing works, everything is running fine except one weird thing:
> >
> > When S/MIME crypted mails are incoming for my user they will be
> > decrypted by ciphermail. Logfile is showing "S/MIME message has
> been
> > decrypted." and "S/MIME signature was valid", but only crypted
> mails
> > are arriving in my inbox.
> > I have searched for ages now and checked the configuration many
> > times. Also reinstalled the server. Problem stays the same.
> > Ciphermail does not decrypt mails.
> >
> > Anybody knowing this problem?
> > Many thanks in advance.
> >
> > Andreas