-
Notifications
You must be signed in to change notification settings - Fork 937
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Message#encoded breaks existing gpg signatures #919
Comments
I'm having the same problem with Mutt/1.5.23. When I will read an e-mail using
I'm having different source mail: Original mime part:
Received mime part:
|
I'm not sure if However, the |
If you read from a string, you already have the original string anyway. The point was rather that if a message was constructed from source (as opposed to from scratch through the gem API) with the purpose of making specific changes, no other implicit alterations should be done, ideally. |
Or is it possible to retrieve the raw source of individual multipart sub-messages? |
Unfortunately I don't think it is possible currently to use the Mail gem to make only specific modifications, and then have it not also modify other parts of the message. Maybe the maintainers would accept a pull request that would keep track of which sections have been modified and which haven't so that it would only perform any logic that adds defaults to parts that have been modified. To answer your question, most parts and sub objects have some sort of API to get the raw source of just that part. The method to get the raw source of a Mail::Message or a Mail::Part (which inherits from Mail::Message) is that same Line 386 in 8130b9c
|
I'm not sure if I understand how raw_source works with @mail. What it will give me since I cannot simply send an e-mail using original source? So basically if I even change it to @mail.raw_source I cannot call on it |
Maybe it would help me understand better if you explained exactly what you are trying to do. If you are trying to take an email, parse it with this gem, modify the email, then send it, I don't think it will be possible to maintain the gpg signature. Part of the purpose of that gpg signature is to verify that the email hasn't been changed. So it is completely expected for the gpg signature to be invalid after making modifications to the email |
The point is I don't want to modify anything. I'm simply expecting to read an e-mail from STDIN and send it back to the postfix queue. So if I will open it like:
or if it's the file like:
so now, when I will call |
The problem is that now I need to go for |
Ah okay, that makes sense. I'm not sure ruby is necessarily the most effective way to take a STDIN or a file and feed it to posfix. Regardless, that's not really what this Mail gem is for. The gem is mostly for two things, 1. parsing emails and providing a nice OO interface for accessing the data, and 2. constructing new emails from a nice OO DSL. For your use case you may want to just interface with Net::SMTP or sendmail directly. As far as delivery goes, the mail gem provides just a very very small wrapper around those which does no more than some envelop checking and turning the mail object into a string. If you don't care at all about modifying the message, and you're definitely going to be using ruby, your best bet is probably calling
|
Ok, in that case it's clear and reasonable :-) So I will just stay with Thanks! |
Signatures use multipart. You can change headers of the top-level message without invalidating the signature, as long as sub-messages are left intact. |
My use case is that I do want to modify top-level headers, but then the gem mangles the signature because it also automatically normalizes headers of the signed sub-message. |
@ulfurinn So you want to modify top level headers, but not headers with in the multipart/signed part at all. Yeah, that's definitely an issue. Maybe logic can be added specifically for Is that something you'd be willing to try to tackle? |
I had a similar case when implementing a mailing list. I needed a remailer that changed message headers but kept the message body verbatim. Here's a starting point for exploration… # Use the original mail body, verbatim.
message.body = mail.body.encoded
# Manually split its parts (mail lib quirk, no API for this).
message.instance_variable_set '@separate_parts', message.multipart?
message.send(:process_body_raw) |
I'm using mail in an MDA filter script. It reads the message from stdin, parses it with
Mail.new
, sets some extra headers, and prints the output ofMessage#to_s
. What I've discovered is that by doing this any gpg signatures present in the original message will be rendered invalid. I've narrowed it down to additional headers being injected into the multipart chunk containing the cleartext, and Content-Type being broken into several lines, i.e. thisbecomes this:
So it would appear that the entire cleartext chunk must be preserved verbatim for the signature to be valid.
My current workaround is to print(edit: not usable with more complex messages), I'd prefer an explicit option to suppress normalisation, especially when dealing with externally created messages.#header
and#body
directly, which bypasses normalisation, but since this behaviour might change in future releasesThe problem is reproducible in Mail.app/GPGTools (using gpg 1.4.19) and mutt (using gpg 1.4.16)
The text was updated successfully, but these errors were encountered: