[rt-users] multipart/signed mail handling for x.509

Sven Sternberger sven.sternberger at desy.de
Wed Nov 19 04:10:25 EST 2008


I our organisation we start to use X.509 certificates
to sign emails.
The MUA produces mime multi-part mails with the content type
These mails have 2 parts. The first one is the
plain/text message the second one is the x-pkcs7-signature.

The problem occurs if these messages are re-send by
RT. Then they will be transformed into a multipart/mixed
message and the text block is altered with text from
the templates, and the encoding could also be altered.
The result is that the recipient get a mail
with a broken signature.

We think the right way to handle these mails
is not to alter the multipart/signed block, but to
compose the rt mail as multipart/mixed, with the
multipart/signed block as one part of it.

--Start Multipart Mixed
--Part1: text from the rt-template
--Part2: multipart/signed
----Part2.1: plaintext message
----Part2.2: signature
--Part3: text from the rt-templated

The simpler way will to just throw the signature away, at
least when we send the message :-(

Has anybody found a solution, or could I configure RT
to archive this?

best regards!


More information about the rt-users mailing list