On Fri, 23 Feb 2018 07:18:52 -0600 David Jones wrote: > On 02/23/2018 06:29 AM, RW wrote: > > On Thu, 22 Feb 2018 19:33:29 -0700 > > @lbutlr wrote: > > > >> On 2018-02-22 (17:39 MST), RW <rwmailli...@googlemail.com> wrote: > >>> > >>> Is it genuinely encrypted though? I'm wondering if it's just > >>> base64 encoded, and possibly signed. > >> > >> application/pkcs7-mime is S/MIME > > > > I know, but does that mean it's necessarily encrypted and not simply > > signed? > > > > Outlook Web says across the top of the message: > > This message has a digital signature, but it wasn't verified because > the S/MIME control isn't currently supported for your browser or > platform. > > Outlook client on a Mac says it was an encrypted email. > > https://pastebin.com/Kf9KJKyh >
It's just signed, if you change the type to text/plain you can see the raw mime message. It has: Content-Type: application/pkcs7-mime; smime-type=signed-data; name="smime.p7m" From a quick look at rfc5751 it looks like a purely encrypted email would have "smime-type=enveloped-data", but I doubt that's common. With a signed and encrypted email the two types are nested in either order. It comes down to usage, if the norm is for emails to be signed and then encrypted, then this sort of email can easily be excluded from ENCRYPTED_MESSAGE, but the other way around requires support for S/MIME.