Workaround for Exchange-corrupted PGP/Mime structure

Carl Worth cworth at cworth.org
Wed Nov 20 08:36:50 PST 2019


I recently received a GPG-encrypted message that notmuch was not able to
handle transparently as I'm used to. (That is, instead of decrypting the
message and verifying the signature inside, etc.—instead I was just
presented with an attachment that contained the encrypted message.)

After some poking around, it appears that the problem is that the
message was sent through Microsoft Exchange which corrupts PGP/mime
structure by changing the outer content-type from "multipart/encrypted"
to "multipart/mixed".

I've verified this bug by sending mail from notmuch through Exchange as
the MTA and it indeed does corrupt the mail in exactly this fashion.

It looks like this bug in Exchange is known[1] and there's evidence of
other MUAs working around the bug[2].

Have other notmuch users encountered this problem?

What would anyone think about a workaround where notmuch-emacs could
grub around inside a "multipart/mixed" structure looking for child parts
that look like they really should have been a part of a
"multipart/encrypted" container?

-Carl

[1] https://social.technet.microsoft.com/Forums/en-US/c5059734-5031-4d82-96eb-c74fe60b5e9e/quotthis-is-a-broken-pgpmime-message-from-msexchangequot

[2] https://gitlab.com/mikecardwell/gpgit/blob/master/gpgit.pl#L108
which also refers to Enigmail having a workaround for thi.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <http://notmuchmail.org/pipermail/notmuch/attachments/20191120/9344f41e/attachment.sig>


More information about the notmuch mailing list