Mail Footers: Sometimes Not

MailScanner The code for adding mail footers to outgoing messages with MailScanner has been ready for some time now, and it is going into production early next week. I'm not terribly worried, as I've been giving it quite a thorough going over. Famous last words. ;-)

One thing did crop up several times: what happens when an S/MIME encrypted or signed message gets modified in transit? The answer is of course, that the signature is invalidated, and I had documented that and put it aside as a fait accompli.

Robert asked me on Friday whether I could detect an S/MIME message. A simple question which caused me a bit of a sleepless night as well as a busy Saturday.

Of course I can! Thanks to the marvellous MailScanner and its innards, it turns out I can quite easily detect whether an outgoing message has been encrypted or signed (or both).

The secret lies in the safefile2file element of the message hash that MailScanner unfolds for me:

'safefile2file' => {
     'msg-9008-194.txt' => 'msg-9008-194.txt',
     '' => '',
     'msg-9008-195.html' => 'msg-9008-195.html',
     'smime.p7s' => 'smime.p7s'
    },

I dumped a bit of email traffic and noticed that MailScanner loads the attachment names into the hash, so it is just a matter of determining whether or not that contains an smime.p7s or an smime.p7m attachment. If that is the case, I forbid a footer being attached to the message and log that fact as well.

After a bit of tweaking, it turns out nicely. This is an encrypted and signed message sent from a corporate Notes account to myself at home, as seen in Thunderbird.

TB encrypted message

The message's signature and encrypted payloads are intact; this is indicated by the icons on the right of the message pane.

Roll on Monday!

Entry posted on May 12th, 2007 at 7:27 PM in DomiNotes, Exim, LDAP, Linux, Mail, Security.

Related Posts

Footers on Email with MailScanner, This isn't Junk, This is Great News!, Mail Server Comparison, Mail.app yok and I *don't* have new mail!

Comments (3) left to “Mail Footers: Sometimes Not”

  1. PyungHo Yoon wrote on 01-Dec-07 at 11:53 am

    Please, give me more clue.
    I want to know how you did it.

  2. Kevin wrote on 01-Jan-08 at 2:33 pm

    I was wrestling with the same thing for a while …
    Here's the solution I came up with (using Jan-Peit's example "MyFunc.pm"):

    package MailScanner::CustomConfig;
    use Data::Dumper;

    use strict 'vars';
    use strict 'refs';
    no strict 'subs'; # Allow bare words for parameter %'s

    use vars qw($VERSION);

    $VERSION = substr q$Revision: 1.1 $, 10;

    sub MyfuncLOG {
    my ($text) = @_;

    MailScanner::Log::InfoLog("Myfunc: $text");
    }

    sub InitMyfunc {
    MyfuncLOG("Starting Myfunc");
    }

    sub EndMyfunc {
    MyfuncLOG("Ending Myfunc");
    }

    sub Myfunc {
    my ($message) = @_;
    my $msgid = $message->{id};
    my %attach = $message->{safefile2file};

    MailScanner::Log::InfoLog("Myfunc: Invoking Myfunc for $msgid");

    return 0 unless $message; # Sanity
    return 0 if exists $attach{smime.p7s};
    return 0 if exists $attach{smime.p7m};
    return 1;
    }

    1;

  3. Marcelo Junior wrote on 10-Nov-08 at 2:47 pm

    To avoid mailscanner to invalidate your smime, displaying errors at your signature (this applies only if you set your client not to encrypt your smime content at the body message), simply set the sign property from mailscanner to no. The problem is that the default configuration from mailscanner adds a message on body content afterwards the smime hash is made at your mail client.Thus meaning that the hash wont be checked as equal on reciepient´s mail client…

Post a Comment

*Required Full name
*Required (Never published)
 
« BlackBerry 8700g With OS 4.2.1
Etched Macbook »
Home