[Mailman-Users] mailman, attachment and digital sign

Marco De Rossi Marco.DeRossi at roma1.infn.it
Thu Aug 30 16:47:53 CEST 2007


If it could be helpful: it seems to happen only when sending e-mail from a Windows 
XP operating system (sending e-mail from a Linux OS the digital signature 
is OK).

Thanks, Marco De Rossi


On Thu, 30 Aug 2007, Marco De Rossi wrote:

> I tried to turn off all "Content Filtering" but it didn't fix the 
> signature problem.
> Any other suggestions?
> 
> Thanks, Marco De Rossi
> 
> 
> On Thu, 2 Aug 2007, Brad Knowles wrote:
> 
> > On 8/2/07, Marco De Rossi wrote:
> > 
> > >  We have modified mailman so now it does not add the message footer anymore.
> > >  Now we still have this problem only when we send digitally signed e-mail
> > >  *with attachment*.
> > 
> > I can see two likely possibilities:
> > 
> > 	1.  The digital signature is being done against the whole message,
> > 	headers included.  When the message passes through Mailman, some
> > 	headers end up getting changed or added, and the signature is no
> > 	longer valid.
> > 
> > 	2.  Mailman is still stripping or changing some of the attachment
> > 	MIME types or filenames, which causes the signature to be invalidated.
> > 
> > Problem is, cryptographic signatures on messages are extremely 
> > fragile.  If even the slightest thing is changed, the signature is 
> > likely to be broken.  If you make the signature process more robust, 
> > then you increase the possibility that an attacker could slip 
> > something through that would still appear to be correct, but where 
> > they've actually secretly modified something.
> > 
> > Try turning off all filtering, HTML conversion, etc... within 
> > Mailman.  See if that "fixes" the signature problem.  If so, then you 
> > have to decide which is more important -- the signature on some 
> > messages or the probability that some malware could get through the 
> > system and be sent out to all recipients of the list, because you'd 
> > turned off the filtering.
> > 
> > Unfortunately, this is a binary decision.  There is no option to 
> > leave signed messages unfiltered and to apply the filtering rules 
> > only to unsigned messages.  Even if there were such a method, the 
> > attackers could get through by simply forging fake signatures that 
> > look valid.
> > 
> > -- 
> > Brad Knowles <brad at shub-internet.org>, Consultant & Author
> > LinkedIn Profile: <http://tinyurl.com/y8kpxu>
> > Slides from Invited Talks: <http://tinyurl.com/tj6q4>
> > 
> > 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0
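
Added example (not part of the original thread or of Mailman's code): assuming the signed mail is an RFC 1847 `multipart/signed` message, as S/MIME and PGP/MIME clients produce, the signature covers only the first body part, so hashing that part in the sender's copy and in the copy received via the list shows whether the list changed signed bytes. The helper names, sample headers and attachment are constructed for illustration.

```python
import hashlib
import re

def signed_part(raw: bytes) -> bytes:
    """Exact bytes of the first body part of a multipart/signed message."""
    raw = re.sub(rb"\r?\n", b"\r\n", raw)           # canonical CRLF line endings
    header, _, body = raw.partition(b"\r\n\r\n")
    m = re.search(rb'boundary="?([^";\r\n]+)', header, re.I)
    if b"multipart/signed" not in header.lower() or not m:
        raise ValueError("not a multipart/signed message")
    delim = b"--" + m.group(1)
    start = body.index(delim + b"\r\n") + len(delim) + 2
    end = body.index(b"\r\n" + delim, start)        # CRLF before the delimiter is not signed
    return body[start:end]

def signed_digest(raw: bytes) -> str:
    # Only for comparing two copies; this does not verify the signature itself.
    return hashlib.sha256(signed_part(raw)).hexdigest()

def build(extra_headers: str, filename: str) -> bytes:
    """Constructed sample: signed multipart/mixed body with one attachment."""
    inner = (
        'Content-Type: multipart/mixed; boundary="inner"\r\n\r\n'
        "--inner\r\nContent-Type: text/plain\r\n\r\nSee attachment.\r\n"
        f'--inner\r\nContent-Type: application/pdf; name="{filename}"\r\n'
        "Content-Transfer-Encoding: base64\r\n\r\nJVBERi0xLjQK\r\n--inner--\r\n"
    )
    return (
        f"{extra_headers}Subject: report\r\n"
        'Content-Type: multipart/signed; protocol="application/pkcs7-signature";\r\n'
        ' micalg=sha1; boundary="outer"\r\n\r\n'
        f"--outer\r\n{inner}\r\n--outer\r\n"
        "Content-Type: application/pkcs7-signature\r\n\r\n(signature placeholder)\r\n"
        "--outer--\r\n"
    ).encode("ascii")

if __name__ == "__main__":
    sent = build("", "report.pdf")
    # Copy with list headers added to the outer header block only.
    via_list = build("List-Id: <users.example.org>\r\n", "report.pdf")
    # Copy where a filter rewrote the attachment name inside the signed part.
    filtered = build("List-Id: <users.example.org>\r\n", "report_pdf.bin")
    print("outer headers added  :", signed_digest(sent) == signed_digest(via_list))
    print("attachment name changed:", signed_digest(sent) == signed_digest(filtered))
```

If the two digests differ, diffing the output of `signed_part()` for both copies shows exactly which line inside the signed part was rewritten.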

