[Mailman-Users] Preserving S/MIME-Encoded Mail

Fri, 16 Jan 2009 13:47:26 -0800 

I have a collegue who is experimenting with signed mail (S/MIME).
He sent me a test mail and he also sent it to a test Mailman (2.1.11)
list.  Here is the basic MIME header structure for the mail sent
directly to me:

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
MIME-Version: 1.0
Content-Type: multipart/signed;
        micalg=SHA1;
        protocol="application/x-pkcs7-signature";
        boundary="----=_NextPart_000_0000_01C97713.0AE16F40"

This is a multi-part message in MIME format.

------=_NextPart_000_0000_01C97713.0AE16F40
Content-Type: multipart/alternative;
        boundary="----=_NextPart_001_0001_01C97713.0AE16F40"


------=_NextPart_001_0001_01C97713.0AE16F40
Content-Type: text/plain;
        charset="us-ascii"
Content-Transfer-Encoding: 7bit

 <<the body of the mail>>

------=_NextPart_001_0001_01C97713.0AE16F40
Content-Type: text/html;
        charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

 <<the body of the mail in HTML-format>>

------=_NextPart_001_0001_01C97713.0AE16F40--

------=_NextPart_000_0000_01C97713.0AE16F40
Content-Type: application/x-pkcs7-signature;
        name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
        filename="smime.p7s"

 <<the base64-encoded digital signature>>

------=_NextPart_000_0000_01C97713.0AE16F40--
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

And here is the MIME structure after Mailman has processed the mail:

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============4389576766350830338=="

This is a multi-part message in MIME format.

--===============4389576766350830338==
Content-class: urn:content-classes:message
Content-Type: multipart/signed; micalg=SHA1;
        protocol="application/x-pkcs7-signature";
        boundary="----=_NextPart_000_0000_01C97713.0AE16F40"

This is a multi-part message in MIME format.

------=_NextPart_000_0000_01C97713.0AE16F40
Content-Type: multipart/alternative;
        boundary="----=_NextPart_001_0001_01C97713.0AE16F40"


------=_NextPart_001_0001_01C97713.0AE16F40
Content-Type: text/plain;
        charset="us-ascii"
Content-Transfer-Encoding: 7bit

 <<the body of the mail>>

------=_NextPart_001_0001_01C97713.0AE16F40
Content-Type: text/html;
        charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

 <<the body of the mail in HTML-format>>

------=_NextPart_001_0001_01C97713.0AE16F40--

------=_NextPart_000_0000_01C97713.0AE16F40
Content-Type: application/x-pkcs7-signature;
        name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
        filename="smime.p7s"

 <<the base64-encoded digital signature>>

------=_NextPart_000_0000_01C97713.0AE16F40--

--===============4389576766350830338==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

 <<the mailman-inserted footer>>

--===============4389576766350830338==--
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Note that Mailman has taken the existing three-part MIME structure
(plain-text body, HTML-formatted body, and digital signature) and
instead of placing the list footer as a fourth part in the same MIME
structure, Mailman has created a new two-part MIME structure with
the original three-part MIME structure as a first part and the list
footer as a second part.  While this resulting structure is valid
MIME-encoding (I think), the result is that the initial header lines

     Content-class: urn:content-classes:message
     Content-Type: multipart/signed; micalg=SHA1;
             protocol="application/x-pkcs7-signature";
             boundary="----=_NextPart_000_0000_01C97713.0AE16F40"

are not at the beginning of the MIME structure.  I believe that this
is causing the mail to appear as an unsigned mail message.  I have just
begun reading "S/MIME 3.1" RFC 3851, and my initial quick reading
leads me to believe that this

     Content-Type: multipart/signed;

header line needs to appear in the first part of the MIME headers
and not within a subsidiary MIME header.

Is there a reason why Mailman does not place the list footer as a
fourth section in the existing MIME structure?  Thanks.
----------------------------------------------------------------------
Barry S. Finkel
Computing and Information Systems Division
Argonne National Laboratory          Phone:    +1 (630) 252-7277
9700 South Cass Avenue               Facsimile:+1 (630) 252-4601
Building 222, Room D209              Internet: bsfin...@anl.gov
Argonne, IL   60439-4828             IBMMAIL:  I1004994

------------------------------------------------------
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Security Policy: http://wiki.list.org/x/QIA9

Reply via email to