View Issue Details

IDProjectCategoryView StatusLast Update
0005181SOGoSOPEpublic2020-10-02 08:56
Reporterschmirl Assigned To 
PrioritynormalSeverityminorReproducibilityalways
Status newResolutionopen 
Product Version4.3.2 
Summary0005181: SOGo mails modified by some mail relay servers: S/MIME signature broken
Description

I noticed that sometimes the signatures of SOGo signed mails are reported as broken (on any mailclient, so not related to 0004634). It turned out that indeed the mail is modified in transit: Some of the Content-Length MIME part headers were stripped in transit. I was able to track it back to sendmail-based relay servers (others might behave the same way) and indeed, in its default configuration sendmail strips this header.

While this is clearly something to be discussed with the sendmail guys, too, the Content-Length header is not specified for email:

As nobody can control through which relay servers a mail is forwarded, SOGo should stop adding this header.

Steps To Reproduce
  1. Send a SOGo mail in HTML format (multipart/alternative) with an attachment through a sendmail based SMTP relay
  2. Compare the email source in Sent-folder with the email source on the recipient side: Content-length of the attachment was removed

Repeat the test and have SOGo sign the mail: Mail will be reported as modified by the reciepient (tested Outlook and SOGo)

Additional Information

Proposed patch attached. It turned out that it's not that easy to find all places reponsible for adding a Content-Length header to the individual parts. So this patch simply skips the header while writing the content.

TagsS/MIME

Activities

schmirl

schmirl

2020-10-02 08:56

reporter  

SOPE-drop_content-length.patch (845 bytes)   
--- sope-mime/NGMime/NGMimePartGenerator.m.orig	2019-12-17 21:34:06.000000000 +0100
+++ sope-mime/NGMime/NGMimePartGenerator.m	2020-10-02 09:42:47.030375229 +0200
@@ -258,6 +258,9 @@
     NSEnumerator *enumerator;
     BOOL         reset;
     
+    if ([headerFieldName isEqualToString:@"content-length"])
+      continue;
+
     if ([[_additionalHeaders objectsForKey:headerFieldName] count] > 0) {
       enumerator = [addHeaders objectEnumeratorForKey:headerFieldName];
       reset = YES;
@@ -274,6 +277,9 @@
   
   headerFieldNames = [addHeaders keyEnumerator];
   while ((headerFieldName = [headerFieldNames nextObject]) != nil) {
+    if ([headerFieldName isEqualToString:@"content-length"])
+      continue;
+
     [self appendHeaderField:headerFieldName
 	  values:[addHeaders objectEnumeratorForKey:headerFieldName]
 	  toData:data];

Issue History

Date Modified Username Field Change
2020-10-02 08:56 schmirl New Issue
2020-10-02 08:56 schmirl Tag Attached: S/MIME
2020-10-02 08:56 schmirl File Added: SOPE-drop_content-length.patch