Digitally Signed, encrypted or RMS protected messages do not display correctly in the Reading Pane/Preview Pane within Microsoft Outlook and Outlook Web Access

Article:TECH124384  |  Created: 2010-01-17  |  Updated: 2013-06-04  |  Article URL http://www.symantec.com/docs/TECH124384
Article Type
Technical Solution


Issue



Digitally Signed, encrypted or RMS protected messages do not display correctly in the Reading Pane/Preview Pane within Microsoft Outlook and Outlook Web Access


Solution



When viewing messages that have a Pending state, be that Pending Archive or Pending Restore, within a mailbox, and have been digitally signed and/or encrypted, they will not display correctly if the Reading Pane/Preview Pane is enabled within Microsoft Outlook / Outlook Web Access.

When a Vault Store is set to "Remove safety copies after backup" items are set to a Pending Archive state. This is quite common as most customers will invoke a backup of the archived data before replacing the original item in the mailbox. Pending Restore states are quite transient, and are sometimes not actually seen due to the speed of the process.

When an item is in a Pending state, the message class is changed. This causes Outlook to misinterpret the message, and display it incorrectly.

The following information details what has been observed and what combination of signed/encrypted:-

Within Outlook (observed in Outlook 2003 SP3 and Outlook 2007 SP2)

Message Signed with attachment
Non-archived : Reading Pane/Preview Pane = All okay. Can see attachment, and full message body.  Red rosetta in top right hand corner.
Non-archived : item opened = All okay. Can see attachment, and full message body.  Red rosetta in top right hand corner.
Pending : Reading Pane/Preview Pane = Body okay, no attachments, no red rosetta.  (Attachment icon is present however)
Pending : item opened = Body okay, no attachments, no red rosetta.
Archived : Reading Pane/Preview Pane = No attachments, nor links to attachments.  No red rosetta in top right hand corner.  Shortcut banner and shortcut content are visible in the main pane, but no links to attachments.
Archived : item opened = All okay. Can see attachment, and full message body. Red rosetta in top right hand corner.

Encrypted with attachment
Non-archived : Reading Pane/Preview Pane = "This item cannot be displayed in the Reading Pane. Open the item to read its contents".
Non-archived : item opened = All okay. Body and attachment present along with blue padlock
Pending : Reading Pane/Preview Pane = blank.  No attachments, no body, no blue padlock
Pending : item opened = blank.  No attachments, no body, no blue padlock
Archived : Reading Pane/Preview Pane = No attachments, no blue padlock, just the archived item banner in the main pane.
Archived : item opened = All okay. Body and attachment present along with blue padlock

Within Outlook Web Access 2003 (OWA 2003)

Signed with attachment
Non-archived : Reading Pane/Preview Pane = Can see full body, and attachment.  Red rosetta at top right.  Can see warning message that attachments may be harmful.
Non-archived : item opened = Can see full body, and attachment.  Red rosetta at top right.  Can see warning message that attachments may be harmful.
Pending : Reading Pane/Preview Pane = Body okay, no red rosetta.  Attachment called smime.p7m
Pending : item opened = Body okay, no red rosetta.  Attachment called smime.p7m
Archived : Reading Pane/Preview Pane = No attachments, nor links to attachments.  No red rosetta in top right hand corner.  Shortcut banner and shortcut content are visible in the main pane, but no links to attachments.
Archived : item opened = All okay. Can see attachment, and full message body. Red rosetta in top right hand corner.

Encrypted with attachment
Non-archived : Reading Pane/Preview Pane = Can see full body, and attachment.  Blue padlock at top right.  Can see warning message that attachments may be harmful.
Non-archived : item opened = Can see full body, and attachment.  Blue padlock at top right.  Can see warning message that attachments may be harmful.
Pending : Reading Pane/Preview Pane = No body, no blue padlock.  Attachment called smime.p7m
Pending : item opened = No body, no blue padlock.  Attachment called smime.p7m
Archived : Reading Pane/Preview Pane = No attachments, no blue padlock, just the archived item banner in the main pane.
Archived : item opened = All okay. Body and attachment present along with blue padlock

Within Outlook Web Access 2007 (OWA 2007)

Signed with attachment
Non-archived : Reading Pane/Preview Pane = All okay.  Can see red rosetta, attachments and body
Non-archived : item opened = All okay.  Can see red rosetta, attachments and body
Pending : Reading Pane/Preview Pane = Body okay, no red rosetta.  Attachment called smime.p7m.
Pending : item opened = Body okay, no red rosetta.  Attachment called smime.p7m
Archived : Reading Pane/Preview Pane = Can see banner, and body.  No link to attachments, and no attachments on message.  No red rosetta.
Archived : item opened = All okay. Can see attachment, and full message body. You do receive the following warning message too "The content cannot be displayed because the S/MIME control is not available. You may install the control by going to Email Security options page in the main window"


Encrypted with attachment
Non-archived : Reading Pane/Preview Pane = All okay.  Can see blue padlock, attachments, and body.
Non-archived : item opened = All okay.  Can see blue padlock, attachments, and body.
Pending : Reading Pane/Preview Pane = No body, no blue padlock.  Attachment called smime.p7m
Pending : item opened = No body, no blue padlock.  Attachment called smime.p7m
Archived : Reading Pane/Preview Pane = Can only see banner.  No blue padlock, no attachments, no links to attachments, and no body.
Archived : item opened = Unable to view the item. This issue is referenced in the Technote 348049 cross-referenced below.

Signed + Encrypted = same as encrypted.



Workaround

To limit the extent of this issue, you can choose to disable archiving of these types of messages. To implement this follow these steps:-


1) Add the required message classes by right-clicking on the Site properties within the Vault Administration Console

2) Click "Add" and then enter the following individual classes:-

IPM.Note.SMIME

IPM.Note.SMIME.MultipartSigned

3) Once the message classes have been added, open the "Mailbox" policy for the users

4) Click on the "Message Classes" tab. You will see a list of message classes already added and enabled/disabled

5) Any message class that is not ticked will not be checked for eligibility, so ensure that the .SMIME ones are not ticked

6) After changing the policy synchronize the user(s)

 

 

This issue has been addressed as part of the following release:


Enterprise Vault 8.0 SP5 - Release Details
http://www.symantec.com/docs/TECH128741


Enterprise Vault 9.0.1 - Release Details
http://www.symantec.com/docs/TECH140373
 


Supplemental Materials

SourceETrack
Value1994761
Description

Encrypted / Signed emails do not display correctly in the Reading pane


SourceETrack
Value2006849
Description

Archived encrypted items do not open correctly within OWA2007



Legacy ID



347464


Article URL http://www.symantec.com/docs/TECH124384


Terms of use for this information are found in Legal Notices