Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Double-encrypted PGP emails with attachments gets garbled in Thunderbird #832

Open
1 task done
ta4563321 opened this issue Mar 7, 2022 · 4 comments
Open
1 task done

Double-encrypted PGP emails with attachments gets garbled in Thunderbird #832

ta4563321 opened this issue Mar 7, 2022 · 4 comments

Comments

@ta4563321
Copy link

Prerequisites

  • I have searched open and closed issues to make sure that the bug has not yet been reported.

Bug report

Describe the bug
Attachments are not properly handed in Thunderbird (shows as 0 bytes files) when the default mailbox in SimpleLogin is set up with a public PGP key to encrypt all incoming emails and an incoming email is already encrypted.

The problem seems to stem from multiple Content-Type-multipart-headers. Manually massaging the email source and removing the outer headers applied by SimpleLogin the attachments are correctly handled.

One simple solution might be to (optionally?) disable SimpleLogin general encryption on already encrypted emails.

Expected behavior
The email attachments of the double-encrypted email shall be possible to open.

Screenshots
Full headers of the decrypted email (with the multiple content-type headers)

Subject: Encrypted Email
From: XXX <xxx@simplelogin.co>
To: XXX <xxx@XXX>
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature";
 boundary="------------9ZRghjLJOeEESFN0m5X0Zh6N"

Content-Type: multipart/mixed; boundary="------------uhaghxftayPop5EXFqS5gXc0";
 protected-headers="v1"
Subject: Encrypted Email
From: XXX <xxx@XXX>
To: XXX <xxx@XXX>
Message-ID: <xxx@XXX>
References: <xxx@XXX>
In-Reply-To: <xxx@XXX>

--------------uhaghxftayPop5EXFqS5gXc0
Content-Type: multipart/mixed; boundary="------------adCnlLlS0tVTSLGHizwMZbMS"

--------------adCnlLlS0tVTSLGHizwMZbMS
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: base64

Environment (If applicable):

  • OS: Linux
  • Mail reader: Mozilla Thunderbird
  • Version 91.6.1
@c0nfigurati0n
Copy link

c0nfigurati0n commented Mar 20, 2022
edited

when saying:

One simple solution might be to (optionally?) disable SimpleLogin general encryption on already encrypted emails.

Are you asking them to add an option to disable pgp encryption or TLS encryption? Because if it's pgp encryption, then you could just turn it off under "more" selection of the alias you want to disable it for in the web app/dashboard.

@ta4563321
Copy link
Author

@MrMuffinIsTaken

Are you asking them to add an option to disable pgp encryption or TLS encryption?

PGP

Because if it's pgp encryption, then you could just turn it off under "more" selection of the alias you want to disable it for in the web app/dashboard.

Yes, this would work if all received emails to the alias are already encrypted but any unencrypted emails would be left untouched as well. My suggestion was to leave any already encrypted emails intact (aside from changing the headers) while encrypting any unencrypted emails with the general PGP key, hence supporting the mix of both encrypted/unencrypted.

@c0nfigurati0n
Copy link

c0nfigurati0n commented Mar 21, 2022
edited

@ta4563321

Are you asking them to add an option to disable pgp encryption or TLS encryption?

PGP

Because if it's pgp encryption, then you could just turn it off under "more" selection of the alias you want to disable it for in the web app/dashboard.

Yes, this would work if all received emails to the alias are already encrypted but any unencrypted emails would be left untouched as well. My suggestion was to leave any already encrypted emails intact (aside from changing the headers) while encrypting any unencrypted emails with the general PGP key, hence supporting the mix of both encrypted/unencrypted.

So if i understand correctly, you want to me sure that any already pgp encrypted emails sent to an alias isn't touched and encrypted again with the same pgp key? While having non pgp encrypted emails sent to the alias be encrypted with the pgp key.

@ta4563321
Copy link
Author

@MrMuffinIsTaken

So if i understand correctly, you want to me sure that any already pgp encrypted emails sent to an alias isn't touched and encrypted again with the same pgp key? While having non pgp encrypted emails sent to the alias be encrypted with the pgp key.

Correct. But preferably regardless if the original email is encrypted with the configured key or another (to simple login unknown) key, just leave already encrypted email bodies as they are.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@c0nfigurati0n @ta4563321