Re: [Patch] fix broken decryption of s/mime messages loaded from imap
- From: JohnJackDoe tele2 de
- To: balsa-list gnome org
- Subject: Re: [Patch] fix broken decryption of s/mime messages loaded from imap
- Date: Tue, 05 Mar 2019 19:08:47 +0100
Hello Albrecht:
See the inserted text below.
--
Best regards,
John Jack Doe
On 28 Feb 2019 20:39:04, Albrecht Dreß wrote:
Hi John Jack Doe:
Am 28.02.19 10:44 schrieb(en) JohnJackDoe tele2 de:
I am retired and use Balsa for my private email communication as
well as for my part-time job. For the part-time job I have to
retrieve GnuPG/MIME encrypted mail from an IMAP account. These mails
I can't decrypt because Balsa reports always 'Balsa decryption
failed: GPME: decryption failed: Decryption failed'. In order to
check this I sent an encrypted email to myself and retrieved it from
the IMAP account - decryption failed. Could it be that this is the
same failure Albrecht reported?
The issue you are referring to affected S/MIME (GpgME) encrypted
messages only, but /not/ GnuPG, neither in MIME nor the old
single-part format. However, the error message you cite indicates
that it's actually GpgME (not GnuPG) which fails, so I guess the
answer might be yes.
If it's really GnuPG which fails I would bet the IMAP server is M$
Exchange - it has (or at least had) issues dealing with GnuPG (PGP in
general) encryption and signatures, basically mangling such messages
so any MUA (not only Balsa) is unable to decrypt them or to check
their signatures.
You won the bet. It's M$ Exchange. I owe you a beer or two.
I did some tests and sent a test message with an attachment and autokey
via the M$ Exchange server to myself and to my other private email
account. Both were received and decrypted without any problems.
I did some internet search and found no confirmation that M$ Exchange
and/or Outlook can handle PGP/MIME iaw RFC 3156. However, I found some
information that M$ Exchange is rewriting the content header and thus
causing decryption trouble.
I also asked the IT specialist of the company I work for if M$ Exchange
and/or Outlook can handle PGP/MIME iaw RFC 3156. He answered that M$
Exchange doesn't care about the content and Out is downloading
everything that is offered. For M$ Exchange he might be right. See the
headers from my testing below. With Outlook I'm not sure because I
received an message that was retrieved with Outlook and resent to
myself. And in this message the header was rewritten and the pgp part
was base 64 encoded. I will do some more testing.
Here are parts of the header of the email sent with Balsa to the M$
Exchange server:
MIME-Version: 1.0
Content-Type: multipart/encrypted;
protocol=\"application/pgp-encrypted\";
\tboundary=\"=-d1XgDxa087HZZkKiP8tD\"
--=-d1XgDxa087HZZkKiP8tD
Content-Type: application/pgp-encrypted
Content-Transfer-Encoding: 7bit
Version: 1
--=-d1XgDxa087HZZkKiP8tD
Content-Type: application/octet-stream
Content-Transfer-Encoding: 7bit
-----BEGIN PGP MESSAGE-----
hQMOAxkymeMHo4wMEAwAubLJk5LlNiskEM6AtUzlUYt5MFXVJjA6+b1iCziRXs1L
dJXzYtkEuhALtfO9BEDRAq3qi5qCnPJFl2PqtU0wp1G1NEKzHDTJ8NEzKtxTAuvj
5tG5L8ZZnYr1VrImRbRXXTMeJYtUV+sbR15F6jTqgtLfidQ2V0v2DFEmig0evKzU
784Dc85PRrkRo73jDa+OanPsr6G8xZvG7vDW2753MndLyRlu3bP/f+OvycIflUsY
hc4QfXS92+RJGQLEXLAOYN3cB44GXQl3qf3hQASG36uqb6TvfY32UlVx8NbXvtey
4fZZ4tU5isAWxMdBT4Sr3bIqombJTNkFjmyTUWT9m5+NdgO7x0nrNg1bfipljsrs
yjjuWVrp1G4yqjFZEHA1ujmUqD816Nyk39rh/qOzbdaLUzD33dnGsu1Zlc9XFASp
Zv1+NZam/HChjUxkfDxQjPMejZv7KqAVaGyEuRsVFdYXwwWyPHdZb7iqgGoIJ9xY
2FE1r8xMntYHZOEnGF/hC/4tg/FvGJ0G/EUuxc4s2K3B6tWR21DDgrfl0ejt+VkB
4OOKpJv7dhj2olXoiAl11KCYZblonnmnd/Cg2J8ypwpFEkhTp+dN5M7q2r2kSADG
MJgr5yurUdS1n7c22zjxhefZbVLuSOU4RWxDa/5X6XaPcVI7adHSUt8u66WtE+YK
xYESpqFE5lFbnlVgSNQLErHbTG1y0MDqdkbGdJbe5W+cPOyrQlHlR4M0m/0vuPpW
Here are parts of the header of the email sent with Balsa to the MS
Exchange server and retrieved with Balsa retrieved from the MS Exchange
server:
Content-Type: multipart/encrypted;
protocol=\"application/pgp-encrypted\";
\tboundary=\"=-d1XgDxa087HZZkKiP8tD\"
Return-Path:
X-MS-Exchange-Organization-AuthSource:
X-MS-Exchange-Organization-AuthAs: Internal
X-MS-Exchange-Organization-AuthMechanism: 00
X-Originating-IP:
X-ClientProxiedBy:
X-MS-Exchange-Organization-Network-Message-Id:
5e90f654-648b-4080-0d84-08d6a07e00d2
X-MS-Exchange-Organization-AVStamp-Enterprise: 1.0
--=-d1XgDxa087HZZkKiP8tD
Content-Type: application/pgp-encrypted
Content-Transfer-Encoding: 7bit
Version: 1
--=-d1XgDxa087HZZkKiP8tD
Content-Type: application/octet-stream
Content-Transfer-Encoding: 7bit
-----BEGIN PGP MESSAGE-----
hQMOAxkymeMHo4wMEAwAubLJk5LlNiskEM6AtUzlUYt5MFXVJjA6+b1iCziRXs1L
dJXzYtkEuhALtfO9BEDRAq3qi5qCnPJFl2PqtU0wp1G1NEKzHDTJ8NEzKtxTAuvj
5tG5L8ZZnYr1VrImRbRXXTMeJYtUV+sbR15F6jTqgtLfidQ2V0v2DFEmig0evKzU
784Dc85PRrkRo73jDa+OanPsr6G8xZvG7vDW2753MndLyRlu3bP/f+OvycIflUsY
hc4QfXS92+RJGQLEXLAOYN3cB44GXQl3qf3hQASG36uqb6TvfY32UlVx8NbXvtey
4fZZ4tU5isAWxMdBT4Sr3bIqombJTNkFjmyTUWT9m5+NdgO7x0nrNg1bfipljsrs
yjjuWVrp1G4yqjFZEHA1ujmUqD816Nyk39rh/qOzbdaLUzD33dnGsu1Zlc9XFASp
Zv1+NZam/HChjUxkfDxQjPMejZv7KqAVaGyEuRsVFdYXwwWyPHdZb7iqgGoIJ9xY
2FE1r8xMntYHZOEnGF/hC/4tg/FvGJ0G/EUuxc4s2K3B6tWR21DDgrfl0ejt+VkB
4OOKpJv7dhj2olXoiAl11KCYZblonnmnd/Cg2J8ypwpFEkhTp+dN5M7q2r2kSADG
MJgr5yurUdS1n7c22zjxhefZbVLuSOU4RWxDa/5X6XaPcVI7adHSUt8u66WtE+YK
xYESpqFE5lFbnlVgSNQLErHbTG1y0MDqdkbGdJbe5W+cPOyrQlHlR4M0m/0vuPpW
Here are parts of the header of the email sent with Balsa to the MS
Exchange server and retrieved with Balsa from the my private email
account:
MIME-Version: 1.0
Content-Type: multipart/encrypted;
protocol=\"application/pgp-encrypted\";
\tboundary=\"=-d1XgDxa087HZZkKiP8tD\"
X-Originating-IP:
X-ClientProxiedBy:
X-VISP-Virus-Check: clean
X-VISP-Spam-Max-Score: +++++
X-SA-Exim-Connect-IP:
X-SA-Exim-Mail-From:
X-SA-Exim-Scan-Truncated: Fed 512000 bytes of the body to SA instead of
3639336
X-SA-Exim-Scanned: No (on martini.ops.eusc.inter.net); SAEximRunCond
expanded to false
X-VISP-UniqueID: 9fc69f9aecb72738ee0253c07849396ea2f1575f
--=-d1XgDxa087HZZkKiP8tD
Content-Type: application/pgp-encrypted
Content-Transfer-Encoding: 7bit
Version: 1
--=-d1XgDxa087HZZkKiP8tD
Content-Type: application/octet-stream
Content-Transfer-Encoding: 7bit
-----BEGIN PGP MESSAGE-----
hQMOAxkymeMHo4wMEAwAubLJk5LlNiskEM6AtUzlUYt5MFXVJjA6+b1iCziRXs1L
dJXzYtkEuhALtfO9BEDRAq3qi5qCnPJFl2PqtU0wp1G1NEKzHDTJ8NEzKtxTAuvj
5tG5L8ZZnYr1VrImRbRXXTMeJYtUV+sbR15F6jTqgtLfidQ2V0v2DFEmig0evKzU
784Dc85PRrkRo73jDa+OanPsr6G8xZvG7vDW2753MndLyRlu3bP/f+OvycIflUsY
hc4QfXS92+RJGQLEXLAOYN3cB44GXQl3qf3hQASG36uqb6TvfY32UlVx8NbXvtey
4fZZ4tU5isAWxMdBT4Sr3bIqombJTNkFjmyTUWT9m5+NdgO7x0nrNg1bfipljsrs
yjjuWVrp1G4yqjFZEHA1ujmUqD816Nyk39rh/qOzbdaLUzD33dnGsu1Zlc9XFASp
Zv1+NZam/HChjUxkfDxQjPMejZv7KqAVaGyEuRsVFdYXwwWyPHdZb7iqgGoIJ9xY
2FE1r8xMntYHZOEnGF/hC/4tg/FvGJ0G/EUuxc4s2K3B6tWR21DDgrfl0ejt+VkB
4OOKpJv7dhj2olXoiAl11KCYZblonnmnd/Cg2J8ypwpFEkhTp+dN5M7q2r2kSADG
MJgr5yurUdS1n7c22zjxhefZbVLuSOU4RWxDa/5X6XaPcVI7adHSUt8u66WtE+YK
xYESpqFE5lFbnlVgSNQLErHbTG1y0MDqdkbGdJbe5W+cPOyrQlHlR4M0m/0vuPpW
If yes, please Albrecht could you build a new Balsa package for me
from git?
I could build a Debian Stretch package for you…
However, it raises a more general question – shouldn't we prepare a
new release anyway? I think there have been many improvements since
the last one last year. I still have a new GUI for managing IMAP
subscriptions in my pipeline, and I wanted to look into XOAUTH2 for
gmail or yahoo (which is *not* safer than the methods Balsa supports
now, opposed to what Google claims!), but those shouldn't be
show-stoppers. And the README and help files are really outdated,
which seems to be more critical.
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
