Signed messages.

Julian Field mailscanner at ecs.soton.ac.uk
Thu Dec 12 10:43:42 GMT 2002


There seems to be some confusion over whether this is really a MailScanner
issue or something else that one of you has changed in their mail/signing
configuration in the past few days.

Can we determine that it is actually a problem caused by MailScanner
signing SMIME messages? And what headers do I need to look for to prove a
message should not be signed?

At 00:08 12/12/2002, you wrote:
>In encoutered this in your message signed that is coming in this way in
>the last 3 days. Come to think of it I have received signed messagges
>earlier but did not have this problem. I do not add signatures but I
>think yours does for outgoing mail. Maybe that is the problem.
>
>Mohan
>
>-----Original Message-----
>From: James A. Pattie [mailto:james at pcxperience.com]
>Sent: Wednesday, December 11, 2002 8:50 PM
>To: smohan at vsnl.com
>Cc: MAILSCANNER at JISCMAIL.AC.UK
>Subject: Re: Signed messages.
>
>
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>S Mohan wrote:
> > Some of the recent posts have digital signatures. Outlook flagged an
> > error and disallowed opening mails as it recognised contents were
> > changed enroute. I've seen replies by others to these mails. Surmise -
>
> > mail is going thro' ok for others or email client does not support
> > signature verification.
> >
> > I'm guessing this is due to mailscanner on my mailserver. Nothing else
>
> > in between would parse or change contents of mails. Is this true? If
> > so, would mailscanner usage not go down once digital signature use
> > comes into force?
> >
> > Bye
> > Mohan
> >
>
>
>As long as you are only using PGP/GPG, the digital signature isn't
>messed with since MailScanner adds text after the PGP Sign block.
>
>If you are using a certificate to sign the message, then it does alter
>the content since the certificate signs the entire contents of the body
>and not just a block of it.
>
>- --
>James A. Pattie
>james at pcxperience.com
>
>Linux  --  SysAdmin / Programmer
>Xperience, Inc.
>http://www.pcxperience.com/
>http://www.xperienceinc.com/
>
>GPG Key Available at http://www.pcxperience.com/gpgkeys/james.html
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v1.0.6 (GNU/Linux)
>Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
>iD8DBQE991edtUXjwPIRLVERArHAAKDlBs01Z4BJFP44YHHu8jxC5++AOQCfYxFt
>C118w2idbUagaJxcR1SwCEE=
>=oDig
>-----END PGP SIGNATURE-----
>
>--
>This message has been scanned for viruses and
>dangerous content by MailScanner, and is
>believed to be clean.

--
Julian Field
www.MailScanner.info
MailScanner thanks transtec Computers for their support



More information about the MailScanner mailing list