Page MenuHome GnuPG
Create Task
Maniphest T4836

GpgOL sometimes modifying email messages stored in the server
Open, HighPublic
Actions

Description

GpgOL is sometimes modifying email messages at the mailbox on its own.

Scenario:

There is an external process sending plaintext messages with an inline OpenPGP signature to a mailbox hosted in an Exchange server.
Alice connects to said mailbox natively (MAPI/HTTP?) using Microsoft Outlook, where GpgOL is installed.
Bob connects to the same mailbox via IMAP using thunderbird, with no PGP plugin.

Expected:
Bob would be able to view all email messages exactly as if Microsoft Outlook client was not involved at all.

Actual result:
When Bob accesses the emaiks, some of the messages became multipart/mixed, and now show an attachment identified as GpgOL_original_OpenPGP_message.txt:

Content-Type: text/plain; name="GpgOL_original_OpenPGP_message.txt"
Content-Description: GpgOL_original_OpenPGP_message.txt
Content-Disposition: attachment;
        filename="GpgOL_original_OpenPGP_message.txt"; size=...

(interestingly, the first and second MIME parts -which both show as base64- contain exactly the same content, except that the first one has a new line prepended, which is probably wrong)

Not all of the emails opened by Alice change in the mailbox. Probably depending on some timing, the "decrypted" version of the signed email, which would be prepared for display, get saved into the mailbox, thus affecting other clients.

Related Objects

Event Timeline

Angel created this task.Feb 4 2020, 12:29 AM
aheinecke claimed this task.Feb 5 2020, 11:49 AM
aheinecke triaged this task as High priority.
aheinecke added a subscriber: aheinecke.

Thank you for the detailed report.

We recently had a similar problem with S/MIME Mails. T4543 I think that we can apply the same fix we did for S/MIME also for OpenPGP. So I give this high priority as I think that this can be easily fixed and is a big problem in mixed environments.