On 07/29/2016 02:44 PM, mots wrote:
That's exactly what's happening.
Since I do not know any details about the product they are using, I am
just guessing. Perhaps their gateway fails to make a distinction between
a PGP/MIME and S/MIME signed message.
A PGP/MIME signed message has the content type
Content-Type: multipart/signed; protocol="application/pgp-signature"
and an S/MIME message has the content type
Content-Type: multipart/signed; protocol="application/pkcs7-signature";
Perhaps their solution does not take the protocol into account and only
looks at the main part of the content type and therefore mixes up
PGP/MIME and S/MIME.
Another option might be that the mail client of the person replying
encrypts the message and not their gateway.
You might try to see whether the same problem occurs of you change the
"PGP encoding to external" for their domain from PGP/MIME to PGP/INLINE.
Can you forward a faulty encrypted message (with full MIME content) to
my personal email address (i.e., off-list) so I can see how the message
looks like?
Kind regards,
Martijn Brinkers
-----Ursprüngliche Nachricht-----
> Von:Martijn Brinkers <martijn(a)ciphermail.com>
> Gesendet: Don 28 Juli 2016 23:31
> An: users(a)lists.djigzo.com
> Betreff: Re: [Djigzo users] External mail system replis with S/MIME encrypted
responses to our pgp signed mail.
>
> On 07/28/2016 05:04 PM, mots wrote:
>> Hello,
>>
>> We use PGP based email encryption using the gateway and the customer
>> uses tobit david as their mail server with S/MIME. Our public key is
>> installed on their mail system.
>>
>> When they reply to one of our emails we get it S/MIME encrypted, with
>> their certificate attached. Email that aren't a reply to one of ours
>> work fine.
>
> Not sure whether I fully understand the problem.
>
> So if you send a message signed with PGP/MIME and the recipient replies,
> the reply is S/MIME encrypted with a certificate for which you do not
> have the private key? But if they send you a message which is not a
> reply, the message is not encrypted?
>
> Kind regards,
>
> Martijn Brinkers
>
>
>>
>> The following is in djigzo.log (Personal information redacted):
>>
>> 25 Jul 2016 09:35:00 | INFO incoming; MailID:
>> 9ccd7fb6-05db-4fe9-a683-50102d194a64; Recipients:
>> [local_user(a)company.com]; Originator: remote_user(a)customer.com;
>> Sender: remote_user(a)customer.com; Remote address: 1.2.3.4; Subject:
>> Redacted; Message-ID: <something(a)isp.com>om>;
>> (mitm.application.djigzo.james.mailets.Log) [Spool Thread #2] 25 Jul
>> 2016 09:35:00 | INFO Subject filter is disabled for the sender;
>> MailID: 9ccd7fb6-05db-4fe9-a683-50102d194a64; Recipients:
>> [local_user(a)company.com]
>> (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2] 25
>> Jul 2016 09:35:00 | INFO To internal recipient(s); MailID:
>> 9ccd7fb6-05db-4fe9-a683-50102d194a64; Recipients:
>> [local_user(a)company.com]
>> (mitm.application.djigzo.james.mailets.Default) [Spool Thread #2] 25
>> Jul 2016 09:35:00 | WARN S/MIME decryption key not found; MailID:
>> 9ccd7fb6-05db-4fe9-a683-50102d194a64; Message: A suitable decryption
>> key could not be found. CMS Recipients: Redacted
>> (mitm.common.security.smime.handler.SMIMEHandler) [Spool Thread #2]
>> 25 Jul 2016 09:35:00 | INFO Message handling is finished. Sending to
>> final recipient(s); MailID: 9ccd7fb6-05db-4fe9-a683-50102d194a64;
>> Recipients: [local_user(a)company.com]; Originator:
>> remote_user(a)customer.com; Sender: remote_user(a)customer.com; Remote
>> address: 1.2.3.4; Subject: Redacted; Message-ID: <something(a)isp.com>om>;
>> (mitm.application.djigzo.james.mailets.Log) [Spool Thread #0]
>>
>> Is there anything we can do on our side to fix this?
>>
>> Regards,
>>
>> mots
>>
>>
>>
>> _______________________________________________ Users mailing list
>> Users(a)lists.djigzo.com
https://lists.djigzo.com/lists/listinfo/users
>>
>
>
> --
> CipherMail email encryption
>
> Email encryption with support for S/MIME, OpenPGP, PDF encryption and
> secure webmail pull.
>
>
https://www.ciphermail.com
>
> Twitter:
http://twitter.com/CipherMail
>
> --
> CipherMail email encryption
>
> Email encryption with support for S/MIME, OpenPGP, PDF encryption and
> secure webmail pull.
>
>
https://www.ciphermail.com
>
> Twitter:
http://twitter.com/CipherMail
> _______________________________________________
> Users mailing list
> Users(a)lists.djigzo.com
>
https://lists.djigzo.com/lists/listinfo/users
>
>
>
> _______________________________________________
> Users mailing list
> Users(a)lists.djigzo.com
>
https://lists.djigzo.com/lists/listinfo/users
--
CipherMail email encryption
Email encryption with support for S/MIME, OpenPGP, PDF encryption and
secure webmail pull.
https://www.ciphermail.com
Twitter:
http://twitter.com/CipherMail