[Evolution] Evolution + GPG + MailScanner = Bad Juju...

Michael H. Warfield mhw at WittsEnd.com
Thu Jan 26 20:53:31 GMT 2006 

On Thu, 2006-01-26 at 15:44 -0500, Jeffrey Stedfast wrote:
> On Thu, 2006-01-26 at 15:00 -0500, Michael H. Warfield wrote:
> > Ok all,
> > 
> > 	I'm cross posting this to both Evolution and MailScanner because I can
> > already predict the finger pointing that's naturally going to result.
> > 
> > 	A few months ago, someone brought it to my attention that my GPG
> > signatures (messages signed only, not encrypted) where suddenly turning
> > up "bad".  The signature on this message will probably be "bad".  It
> > took some major head scratching to figure out what changed, what the
> > parameters where, and what the hell was happening but I think I've got
> > in narrowed down to some poor behavior on the part of BOTH Evolution AND
> > MailScanner (or a component of MailScanner - not sure).
> > 
> > 	It seems to have initially broken with an upgrade to MailScanner.  I
> > think upgrading to 4.47.4-2 or there abouts might have been the
> > triggering event, but I don't remember what I was running on that server
> > prior to that.  Before then, all my signatures GPG signatures were good.
> > After, they were bad.  If I turn off MailScanner on my server, the
> > signatures are good.  I have accounts on several servers and the
> > signatures are bad if I forward mail through one running a recent
> > version of MailScanner.  I just upgraded one of my servers to 4.50.5-12
> > and now I've got bad signatures through that server as well (I wasn't
> > running MailScanner on that one before).
> > 
> > 	But, that doesn't get Evolution off the hook.  It's only happening for
> > messages that I'm composing in Evolution!  If I compose them in Mutt or
> > vi a text file and send it, everything is fine.  Also, my saved copies
> > in the Evolution sent box is fine.
> > 
> > 	Sooo...  I compare what was saved in the "sent" box with what was
> > received with a bad signature...  What was the difference?  Carriage
> > Returns!  Evolution is terminating lines with CR-LF when composing a
> > message.  MailScanner is removing the CR and leaving the LF.
> > Apparently, Evolution called gpg in binary mode to create the signature.
> > Modifying even the line termination then breaks the signature.
> > 
> > 	No other mailer I use generates the DOS/Windows line termination, they
> > all end lines with *NIX convention of LF only (no I haven't tried
> > ThunderBird or KMail or other GUI client as yet).
> > 
> > 	1) Why must we be adding extraneous CR on text messages?  Is this
> > REALLY necessary?
> 
> Yes. From rfc3156:
> 
>    When the OpenPGP digital signature is generated:
> 
>    (1)   The data to be signed MUST first be converted to its content-
>          type specific canonical form.  For text/plain, this means
>          conversion to an appropriate character set and conversion of
>          line endings to the canonical <CR><LF> sequence.

> This is what Evolution does.

	Ok...  I'll concede that point.  Then what about the signing mode, text
vs binary.  We're still broken here.

> -- 
> Jeffrey Stedfast
> Evolution Hacker - Novell, Inc.
> fejj at ximian.com  - www.novell.com

	Mike
-- 
Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471        | possible worlds.  A pessimist is sure of it!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 307 bytes
Desc: This is a digitally signed message part
Url : http://lists.mailscanner.info/pipermail/mailscanner/attachments/20060126/0076267b/attachment.bin

More information about the MailScanner mailing list