[dmarc-discuss] a detour into S/MIME, was MLM and Header-From rewriting

David Woodhouse dwmw2 at infradead.org
Tue Jun 10 08:32:00 PDT 2014


On Tue, 2014-06-10 at 15:08 +0000, Rock, Paul via dmarc-discuss wrote:
> Depends on the client as well. Currently the version of Outlook (2010)
> I'm using on my Windows box also treats the signature as an attachment
> it doesn't know what to do with. 

That's odd — that's one of the few things Outlook normally gets right.
Is it an artefact of the footer that the list adds, complicating the
MIME structure? Anything outside the most basic MIME structure is one of
the *many* things that Outlook and Exchange usually get catastrophically
wrong :)

You should receive two copies of *this* mail... does the direct one work
as expected? (That's the use case for any kind of email from banking
systems, anyway.)

Yes, it's not a simple solution for the declining number¹ of webmail
users. I understand there are browser plugins which offer S/MIME support
for at least GMail, which is the largest webmail user base — but that's
still a bit different from "it just works" as you get with a real MUA.

> Mail.app (version 7.3) on my Mac does understand that David has a
> signature, but I have a big warning across the top of the mail that
> the signature can't be verified due to an email address mismatch.
> Granted, that's an artifact of the mailing list, but even still,
> here's a live case where S/MIME has an issue - and I'm sure that David
> and anyone else using a client that supports S/MIME will see the same
> warning about mail on this list from me.

Using Evolution, the GNOME mail client, I see that the mail has a valid
signature from Paul Rock <paul.rock at teamaol.com>. I am left to
cross-check that address against the address in the From: header, should
I desire to do so.

I may file a bug suggesting that the UI should make that mismatch
clearer.

-- 
dwmw2

¹ https://litmus.com/blog/email-client-market-share-where-people-opened-in-2013
  suggests that the figure is now around 20%.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5745 bytes
Desc: not available
URL: <http://dmarc.org/pipermail/dmarc-discuss/attachments/20140610/9e334abd/attachment.bin>


More information about the dmarc-discuss mailing list