Closed Bug 1677340 Opened 5 years ago Closed 4 years ago

PGP encrypted emails do not decrypt after microsoft exchange mangles mime headers

Categories: MailNews Core :: Security: OpenPGP, defect

Tracking: Not tracked

RESOLVED DUPLICATE of bug 1689086

People: Reporter: jacob, Unassigned

Attachments: 3 files

User Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36

Steps to reproduce:

Decrypt an email sent by Thunderbird using the integrated OpenPGP encryption. This was attempted with 78.3.2 as well as with a nightly build.

Actual results:

Thunderbird does not attempt to decrypt the email. It appears that the email sent from Thunderbird has correct headers at send time, and modified MIME headers after it is received by a Microsoft Exchange server.

Viewing the email in the Sent messages folder does decrypt the email as expected.

Expected results:

Thunderbird should have attempted to decrypt the email even when the MIME headers have been tampered with by Microsoft Exchange.

The sent email as created by Thunderbird, sending myself a test message.

Attached file mangled-message.txt

This is the email after it was received and inserted into my inbox. It was downloaded through the IMAP interface of a Microsoft Exchange server. It has been changed by the Exchange server and is no longer recognized as an OpenPGP message.

Component: Untriaged → Security: OpenPGP
Product: Thunderbird → MailNews Core

If detected, you'd see a button there to try fixing it (the same as enigmail). Did you try the button?

Note the button is missing in most 78.x versions.

The button should be visible again with 78.5.0

(In reply to Magnus Melin [:mkmelin] from comment #4)

> If detected, you'd see a button there to try fixing it (the same as enigmail). Did you try the button?

Using 78.3.2 on GNU/Linux (Ubuntu 20.10), I do not see a button.

When loading the emails I uploaded, do you see a button with 78.3.2 or later? I am willing to try another build but I think the mangled email is not detected.

(In reply to Kai Engert (:KaiE:) from comment #5)

> Note the button is missing in most 78.x versions.
>
> The button should be visible again with 78.5.0

I do not see a 78.5.0 as an option from the downloads page: https://www.thunderbird.net/en-US/thunderbird/releases/

Should I be using a beta or a nightly release?

78.5 will be out in some hours.
There have been some changes in this area; I think in 78.4.x at least, it was inside the security technology button [OpenPGP].

I've repeated my tests using the 78.5.0 (64-bit) GNU/Linux (Ubuntu 20.10) release on the download page.

The same message (attached file mangled-message.txt) as received is a mangled message and it still does not trigger any new buttons to appear, nor does it trigger prompting for decryption. Other PGPMIME messages received today do not prompt for decryption either. No buttons appear that offer to fix the mangled message, nor is there any other new button.

Repeating the test where I attempt to decrypt the Thunderbird composed message: I do see a button which does show the correct information after I push the button. It contains information about the encryption/decryption process (GPG keys, etc). This works as expected with a YubiKey to decrypt (after touching the YubiKey) the message that I sent to myself.

This still appears to impact 78.5.0 (64-bit) GNU/Linux (Ubuntu 20.10).

I suspect that either mangled mail detection isn't enabled for me or perhaps my messages are mangled in a new manner.

I'll attempt to investigate the attached example soon.

Flags: needinfo?(kaie)

The message you have received is modified differently than in the known examples.

The known corruption is described as having one extra text/plain part.

In the attached message there are three extra parts: multipart/alternative, text/plain and text/html.

Flags: needinfo?(kaie)
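The two layouts described in the comment above, as an added example that is not part of the bug thread or of Thunderbird's code. The function name `classify` and the three sample messages are constructed for illustration; the attachment itself is not shown on this page, so the samples assume the two PGP parts survive the rewrap and stay adjacent.

```python
from email import message_from_string

CTRL, DATA = "application/pgp-encrypted", "application/octet-stream"
ARMOR = b"-----BEGIN PGP MESSAGE-----"

def classify(raw):
    """Return (verdict, extra_part_types) for one raw message string."""
    root = message_from_string(raw)
    parts = list(root.walk())[1:]   # all sub-parts, depth first, root excluded
    types = [p.get_content_type() for p in parts]
    # RFC 3156 layout: multipart/encrypted holding only the control and data parts.
    if (root.get_content_type() == "multipart/encrypted"
            and str(root.get_param("protocol", "")).lower() == CTRL
            and types == [CTRL, DATA]):
        return "pgp-mime", []
    # Rewrapped layout (assumption): the two PGP parts survive, still adjacent,
    # under a different container next to parts the sender never created.
    for i in range(len(parts) - 1):
        if types[i:i + 2] != [CTRL, DATA]:
            continue
        ctrl_body = parts[i].get_payload(decode=True) or b""
        data_body = parts[i + 1].get_payload(decode=True) or b""
        if b"Version: 1" in ctrl_body and data_body.lstrip().startswith(ARMOR):
            return "mangled", types[:i] + types[i + 2:]
    return "not-pgp-mime", []

# Constructed samples; the armored body is a placeholder, not real ciphertext.
PGP_PARTS = (
    "--OUTER\nContent-Type: application/pgp-encrypted\n\nVersion: 1\n"
    "--OUTER\nContent-Type: application/octet-stream\n\n"
    "-----BEGIN PGP MESSAGE-----\n\nplaceholder\n-----END PGP MESSAGE-----\n"
    "--OUTER--\n")
AS_SENT = ('Content-Type: multipart/encrypted; boundary="OUTER"; '
           'protocol="application/pgp-encrypted"\n\n' + PGP_PARTS)
KNOWN = ('Content-Type: multipart/mixed; boundary="OUTER"\n\n'
         "--OUTER\nContent-Type: text/plain\n\n\n" + PGP_PARTS)
THIS_BUG = (
    'Content-Type: multipart/mixed; boundary="OUTER"\n\n'
    '--OUTER\nContent-Type: multipart/alternative; boundary="INNER"\n\n'
    "--INNER\nContent-Type: text/plain\n\n\n"
    "--INNER\nContent-Type: text/html\n\n<html></html>\n--INNER--\n" + PGP_PARTS)

if __name__ == "__main__":
    for name, raw in (("as sent", AS_SENT), ("known", KNOWN), ("this bug", THIS_BUG)):
        print(name, classify(raw))
```

A detector that only accepts a single extra text/plain part would report the third sample as unrecognized, which matches the behaviour reported in this bug.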

I've manually edited mangled-message.txt as illustrated in this patch. After this modification, Thunderbird is able to display the file.

It would be interesting to know if this is an additional "common" mangling.
We'll have to decide if we want to attempt automatic repairing for this scenario, too.

Daniel, Patrick, have you seen this kind of mangling?

Status: UNCONFIRMED → NEW
Ever confirmed: true

(In reply to Kai Engert (:KaiE:) from comment #13)

> Created attachment 9189215
> manual-repair.patch
>
> I've manually edited mangled-message.txt as illustrated in this patch. After this modification, Thunderbird is able to display the file.
>
> It would be interesting to know if this is an additional "common" mangling.
> We'll have to decide if we want to attempt automatic repairing for this scenario, too.

I think it is common for this version of Microsoft Exchange.

(In reply to Kai Engert (:KaiE:) from comment #14)

> Daniel, Patrick, have you seen this kind of mangling?

Yes, there is quite a bit of code to deal with this that you took over from Enigmail. But I'm not sure whether you actually use the code:
https://searchfox.org/comm-esr78/rev/c03553775e2cf2319fb271b4ecb974cbeeb7b7a3/mail/extensions/openpgp/content/ui/enigmailMessengerOverlay.js#943

I'm not sure if the attached message is really detected - over time, the way to detect such messages needed to be adapted several times.

(In reply to Patrick Brunschwig from comment #16)

> (In reply to Kai Engert (:KaiE:) from comment #14)
>
> > Daniel, Patrick, have you seen this kind of mangling?
>
> Yes, there is quite a bit of code to deal with this that you took over from Enigmail. But I'm not sure whether you actually use the code:
> https://searchfox.org/comm-esr78/rev/c03553775e2cf2319fb271b4ecb974cbeeb7b7a3/mail/extensions/openpgp/content/ui/enigmailMessengerOverlay.js#943
>
> I'm not sure if the attached message is really detected - over time, the way to detect such messages needed to be adapted several times.

I have also tried the Thunderbird (68.10.0+build1-0ubuntu0.20.04.1) which ships with Ubuntu 20.04 with the packaged Enigmail (2:2.1.6+ds1-1) and also the latest version from addons.mozilla. It does not detect the mangled message in question, and it does not prompt to repair it. It does work for the mail that Thunderbird composes as expected.

In the support request I've filed with our email Microsoft Exchange administrators, I was told that the problem likely started when they upgraded the Microsoft Exchange server. My understanding is that they performed an upgrade from an "unsupported Exchange version 2010 (EOL: oct 2020)" and now are running "the latest version 2019" of Microsoft Exchange.

The IT support staff informed me that they've also opened a support ticket with Microsoft as they agree that Microsoft Exchange should not be modifying the messages at all. If I learn anything useful from their support process, I'll add that information to this ticket.

The IT support staff informed me of their progress today: "In collaboration with Microsoft we have enabled pipelinetracing on the exchange servers." I've composed and sent a fresh test mail to assist them in their pipeline tracing. Hopefully this will result in a shared understanding of why Exchange mangles these kinds of messages as well as how to stop this mangling.

See Also: → 1689086

This is the same as bug 1689086. Marking as a dupe, because that other bug has a patch.

Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → DUPLICATE