Desktop Email Encryption

 View Only

  • 1.  PGP/MIME from PGP Desktop to Enigmail

    Posted Mar 20, 2015 04:25 AM

    I am currenty evaluating PGP Desktop (10.3.2 MP3) and I am trying to send PGP/MIME Mails from Outook 2013 using an Exchange Server to an Enigmail user.

    The user receives the encrypted content, but Enigmail does not trigger.

    All PGP Keys are good/avaible because I can decrypt the Message.pgp attachment manually.

    I have the suspicion that the reason is a wrong content-type header.

    The content-type contains

    Content-Type: multipart/mixed;
	boundary="_003_cf2fb98a8699483f933eb93c088dc293DVWCDEVSRVTESTg"

    which is not RFC3156 compliant.

    Is there anything I can do or is this a limitation of PGP Desktop, that it cannot send RFC 3156 compliant mails?

    According to the RFC the Content-Type header should look like this

    Content-Type: multipart/encrypted; boundary=foo;
         protocol="application/pgp-encrypted"

     

    Thanks

     

     



  • 2.  RE: PGP/MIME from PGP Desktop to Enigmail

    Posted Mar 20, 2015 01:21 PM

    The issue is usually with an Exchange server changing it from multipart/encrypted to multipart/mixed.  Check the thread here:
    http://sourceforge.net/p/enigmail/forum/support/thread/4add2b69/

    Also here:
    http://www.mozilla-enigmail.org/forum/viewtopic.php?f=4&t=425

    It can also happen when it transfers to MTA's or non-Exchange-based mail servers as well.  Exchange typically seems to be the culprit more than anything else.



  • 3.  RE: PGP/MIME from PGP Desktop to Enigmail

    Posted Mar 21, 2015 06:17 PM

    Mike,

    thanks for your reply and the detailed links.

    I know that the Exchange Server is somehow difficult but I thought that Symantec would have good connections to Microsoft in order to get PGP Desktop being RFC complaint.

    So it looks to me that PGP Desktop is not usable as you cannot send encrypted PGP/MIME mails.

     

    Thanks

     

     



  • 4.  RE: PGP/MIME from PGP Desktop to Enigmail

    Posted Mar 23, 2015 10:43 AM

    I think you are misunderstanding my response.  This issue is not with PGP Desktop.  The mails should be sent correctly.  The issue is with Exchange modifying the messages to multipart/mixed.

    It is not a matter of RFC compliance, it is a matter of Exchange modifying the message, and is not limited to PGP Desktop.  PGP Desktop is fully capable of sending PGP/MIME messages.  Millions of them are sent around the globe daily.  What we cannot control is what Exchange or other mail appliances do to the message.



  • 5.  RE: PGP/MIME from PGP Desktop to Enigmail

    Posted Mar 23, 2015 04:04 PM

    Hello Mike,

    I understood your response correctly and I also suspected that the Exchange server is causing the trouble.

    But for the enduser it makes no difference who is the culprit. At the end of the day I cannot use PGP Desktop (without a PGP Universal Server) in an Exchange environment, as my receipients cannot decrypt my mails.

    Or is there anything that can be configured by our network guys allowing me to send mails with a correct Content-Type?

    Or is the problem only caused by certains versions of Exchange?

    Thanks again