11:34 a.m.
I have a problem with Evolution email signing on send that I can't
solve. GPG signature on receive seems fine from mail that I have sent
from a Thunderbird client, and it has a GPG line with "Valid
signature".
For a long time now I have been using Thunderbird with the enigmail
extension to send and receive signed and/or encrypted mail - perfectly
successfully.
I decided to give Evolution a try - mostly it works, including syncing
caldav calendars nicely. I then set up GPG in the security section
and selected my key ID. Then I sent a test mail that was GPG signed.
In the Sent mail folder the outgoing mail in Evolution looks normal
and within Evolution it says that the mail was signed just fine (i.e.
Valid signature). However when this mail is received in Thunderbird
the top strip on the mail (within Thunderbird) is pink instead of
green, and the OpenPGP status says "Error - signature verification
failed; click on 'Details' button for more information " - clicking on
the details gives the Security Info as
"OpenPGP Security Info
Error - signature verification failed
gpg command line and output:
/usr/bin/gpg
gpg: Signature made Sun 21 Mar 2010 11:40:25 AM GMT using RSA key ID XXXXXX
gpg: BAD signature from "xxxxxxxxx (New rsa key)
<mike(a)my-email-server.com>"
Has anyone else come across this behaviour and if so do you know what
it needed to make GPG signing behave normally?
Thanks
--
mike c
1:39 p.m.
On Wed, Mar 24, 2010 at 4:36 PM, Patrick O'Callaghan
<pocallaghan(a)gmail.com> wrote:
On Thu, 2010-03-25 at 01:54 +1030, Tim wrote:
> On Wed, 2010-03-24 at 08:27 -0430, Patrick O'Callaghan wrote:
> > possibly somewhere along the line the HTML is being reflowed or in
> > some way modified, which would destroy the signature. I can't really
> > see how that could happen
>
> We've seen plenty of plain text message parts being transcoded in
> transit by some allegedly "helpful" mail server (turning quoted
> printable into 8-bit, etc.). I wouldn't be the slightest bit surprised
> at a mail server doing the same sort of thing to text/html content.
Quite, but the OP says it all works properly if he sticks to TB. Even
allowing for the difference between inline PGP and PGP/MIME, it would
seem particularly perverse of the intermediate server to mess with one
and not the other. But I guess stranger things have happened ...
Well guys, the mystery has resolved itself with the only action by me
being an update at the TB end - before doing the tests that were
suggested I updated my version of TB - to Mozilla/5.0 (X11; U; Linux
i686; en-US; rv:1.9.2.2pre) Gecko/20100323 Lightning/1.0b2pre
Lanikai/3.1b2pre - whereas I had been running earlier versions of TB
3.1b2pre for quite some time and indeed prior to that 3.1a - until
today I was using a version from a few days ago and the problem was
still present until that version. At the same time I updated the
enigmail and lightning extensions to the most recent. However with
the new version I can now send from Evolution and I get correct
signature verification for HTML mail, both with a straight simple sent
message, and also if replying leaving the quoted text from the
original. So now I get full and correct signature verification both
ways.
So the bug was within Thunderbird - I don't know how long this bug has
been there but I seem to remember an issue with this going quite some
time back - so whether it is in the handling of received mail by
Thunderbird itself or whether the enigmail extension was the problem I
don't know - but I do know that this is now working!
So maybe the TB/enigmail developers were monitoring this thread! ( I
presume that normal updates to F12 this morning would not have made
any significant changes that would have any impact on this issue)
Either way I am very pleased this is resolved in the new version....
--
mike c
9:06 a.m.
On Thu, 2010-03-25 at 16:25 +1030, Tim wrote:
On Wed, 2010-03-24 at 18:47 -0430, Patrick O'Callaghan wrote:
> Ahh, the old "not using the latest version" trick.
Is that said with a Maxwell Smart or Inspector Clouseau voice? ;-)
Would you believe Grytpype-Thynne? How about Neddy Seagoon? :-)
poc
10:52 a.m.
On Thu, Mar 25, 2010 at 2:06 PM, Patrick O'Callaghan
<pocallaghan(a)gmail.com> wrote:
On Thu, 2010-03-25 at 16:25 +1030, Tim wrote:
> On Wed, 2010-03-24 at 18:47 -0430, Patrick O'Callaghan wrote:
> > Ahh, the old "not using the latest version" trick.
>
> Is that said with a Maxwell Smart or Inspector Clouseau voice? ;-)
Would you believe Grytpype-Thynne? How about Neddy Seagoon? :-)
Ahh - Neddy - in a
high voice - now that gives some ages away!
But did you try the "forwarding test"!? (Or as Clouseau would say,
"Vee need eveedense zat ze securitay must fully be proof of ze bahm",
walking into the door as he leaves the room elegantly!)
--
mike c
4:22 a.m.
On Wed, Mar 24, 2010 at 11:17 PM, Patrick O'Callaghan
<pocallaghan(a)gmail.com> wrote:
On Wed, 2010-03-24 at 18:39 +0000, mike cloaked wrote:
> Well guys, the mystery has resolved itself with the only action by me
> being an update at the TB end
Ahh, the old "not using the latest version" trick.
poc
Yeah, well I am using somewhat newer than current released version
anyway! - the released version (current) has known problems and I have
been using the 3.1b nightlies for quite some time - I am fairly sure
that the released version will suffer from the same problems that I
have been seeing, but maybe someone could test (?) - so now with the
latest non-released 3.1 things have improved - but there is still the
problem when forwarding as attachment - and it would be nice to know
if this is seen in the current release as well as in the cutting edge?
It is not too long before 3.1 gets released so I guess it is on the
final phase of cleaning up code before it goes out the door.
Of course there is also 3.2a but that is beyond cutting edge and into
the bleeding edge regime!
Mike
--
mike c
12:55 a.m.
On Wed, 2010-03-24 at 18:47 -0430, Patrick O'Callaghan wrote:
Ahh, the old "not using the latest version" trick.
Is that said with a Maxwell Smart or Inspector Clouseau voice? ;-)
--
[tim@localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686
Don't send private replies to my address, the mailbox is ignored. I
read messages from the public lists.
1:58 p.m.
On Wed, Mar 24, 2010 at 6:39 PM, mike cloaked <mike.cloaked(a)gmail.com> wrote:
Well guys, the mystery has resolved itself with the only action by
me
being an update at the TB end - before doing the tests that were
suggested I updated my version of TB - to Mozilla/5.0 (X11; U; Linux
i686; en-US; rv:1.9.2.2pre) Gecko/20100323 Lightning/1.0b2pre
Lanikai/3.1b2pre - whereas I had been running earlier versions of TB
However - one fly remains in the ointment!
If wholly within TB you have a mail on the screen and select
Message->Forward as-> attachment and then send it, signed, to yourself
and receive it back in TB then what I found is that I get the same bad
signature problem - so this is a purely Thunderbird issue that I
believe has been a bug for a long time - this is an easy test anyone
can verify - using HTML mail. Forwarding inline works fine though.
I have not tried this last test with plaintext mail forwarded as
attachment - but this is clearly another bug that ought to be resolved
by TB developers.
--
mike c
1:09 p.m.
Tim:
> We've seen plenty of plain text message parts being
transcoded in
> transit by some allegedly "helpful" mail server (turning quoted
> printable into 8-bit, etc.). I wouldn't be the slightest bit surprised
> at a mail server doing the same sort of thing to text/html content.
Patrick O'Callaghan:
Quite, but the OP says it all works properly if he sticks to TB.
Even
allowing for the difference between inline PGP and PGP/MIME, it would
seem particularly perverse of the intermediate server to mess with one
and not the other. But I guess stranger things have happened ...
But one client might be using a different content encoding scheme, by
default. The original poster can easily test this by writing a message
in each, then looking at the raw message kept in their sent mail folder,
before any external mail server has a chance to alter it.
--
[tim@localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686
Don't send private replies to my address, the mailbox is ignored. I
read messages from the public lists.
11:36 a.m.
On Thu, 2010-03-25 at 01:54 +1030, Tim wrote:
On Wed, 2010-03-24 at 08:27 -0430, Patrick O'Callaghan wrote:
> possibly somewhere along the line the HTML is being reflowed or in
> some way modified, which would destroy the signature. I can't really
> see how that could happen
We've seen plenty of plain text message parts being transcoded in
transit by some allegedly "helpful" mail server (turning quoted
printable into 8-bit, etc.). I wouldn't be the slightest bit surprised
at a mail server doing the same sort of thing to text/html content.
Quite, but the OP says it all works properly if he sticks to TB. Even
allowing for the difference between inline PGP and PGP/MIME, it would
seem particularly perverse of the intermediate server to mess with one
and not the other. But I guess stranger things have happened ...
poc
10:24 a.m.
On Wed, 2010-03-24 at 08:27 -0430, Patrick O'Callaghan wrote:
possibly somewhere along the line the HTML is being reflowed or in
some way modified, which would destroy the signature. I can't really
see how that could happen
We've seen plenty of plain text message parts being transcoded in
transit by some allegedly "helpful" mail server (turning quoted
printable into 8-bit, etc.). I wouldn't be the slightest bit surprised
at a mail server doing the same sort of thing to text/html content.
--
[tim@localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686
Don't send private replies to my address, the mailbox is ignored. I
read messages from the public lists.
9:57 a.m.
On Wed, Mar 24, 2010 at 12:57 PM, Patrick O'Callaghan
<pocallaghan(a)gmail.com> wrote:
On Wed, 2010-03-24 at 08:12 +0000, mike cloaked wrote:
> I do now know that if sending a plaintext mail from Evo to TB then the
> signature verifies just fine, but changing to sending HTML but
> otherwise leaving everything else the same then TB says it is a BAD
> signature. The question I do not know is whether the signature
> verification in TB has a bug, or whether Evo does not form the
> PGP/Mime mail correctly when sending HTML?
Can TB verify Evo's signed message in your Sent folder? Can gpg verify
it, independantly of TB?
If they can, but won't verify the received message, then possibly
somewhere along the line the HTML is being reflowed or in some way
modified, which would destroy the signature. I can't really see how that
could happen, but just to eliminate it as a possibility, try saving both
the sent mail and the received mail to files and do a simple diff on
them.
I will try and test as you suggest this evening when I have finished
with $DAYJOB for today....
--
mike c
7:57 a.m.
On Wed, 2010-03-24 at 08:12 +0000, mike cloaked wrote:
I do now know that if sending a plaintext mail from Evo to TB then
the
signature verifies just fine, but changing to sending HTML but
otherwise leaving everything else the same then TB says it is a BAD
signature. The question I do not know is whether the signature
verification in TB has a bug, or whether Evo does not form the
PGP/Mime mail correctly when sending HTML?
Can TB verify Evo's signed message in your Sent folder? Can gpg verify
it, independantly of TB?
If they can, but won't verify the received message, then possibly
somewhere along the line the HTML is being reflowed or in some way
modified, which would destroy the signature. I can't really see how that
could happen, but just to eliminate it as a possibility, try saving both
the sent mail and the received mail to files and do a simple diff on
them.
poc
7:49 a.m.
On Wed, 2010-03-24 at 18:04 +1030, Tim wrote:
Tim:
>> Is there a switch I am missing because I did not look deep
>> enough or is it that Evolution just can't do PGP/Mime??
Patrick O'Callaghan:
> At the moment you can't. There's been a lot of resistance to it as
> it's non-standard
Other way around...
PGP as a MIME part is a standard way to do things. But just bunging PGP
data somewhere into the message in the same section as the message,
without any separating headers, isn't.
You're right of course. I misread the quote I was replying to.
poc
3:12 a.m.
On Tue, Mar 23, 2010 at 11:20 PM, Patrick O'Callaghan
<pocallaghan(a)gmail.com> wrote:
I just sent myself a plain text signed message from Evo and verified
the
signature using TBird. Looking at the raw file, it does indeed have
a .asc attachment containing the signature, as per spec. I haven't tried
it in HTML as I never use it.
Going back to the error message in your original post, it complains
about:
gpg: BAD signature from "xxxxxxxxx (New rsa key)
<mike(a)my-email-server.com>"
That looks to me like a problem with the signature itself rather than
the message (though I wouldn't swear to it). Are you sure that your
configurations of Evo and TB are using the same signature?
Well - the way I am testing is that I have TB set up on this machine
for my personal mail and the .gnupg dir holds the GPG files. I also
have Evolution running on this same physical machine within my own
user area. The EVo account is set up to hook up to my work imap email
account.
Hence if I use TB to send from personal mail account to work and
receive the mail on Evo, or if I send from my work account using Evo
to my personal account seen in TB then both mail clients are operating
using the same set of files in .gnupg. Therefore if I use a signed
email then both are taking the keys from the same area! Hence if it
works sending from TB to myself on TB, or from TB to Evo, and the
signature verifies fine, but sending from Evo to TB where the
signature does not verify this indicates that one or other email
client is not handling the signing or verification properly, surely!
I do now know that if sending a plaintext mail from Evo to TB then the
signature verifies just fine, but changing to sending HTML but
otherwise leaving everything else the same then TB says it is a BAD
signature. The question I do not know is whether the signature
verification in TB has a bug, or whether Evo does not form the
PGP/Mime mail correctly when sending HTML?
Either way there is nothing wrong with my GPG keys since every other
test I do on them works fine.
--
mike c
2:34 a.m.
Tim:
> Is there a switch I am missing because I did not look deep
> enough or is it that Evolution just can't do PGP/Mime??
Patrick O'Callaghan:
At the moment you can't. There's been a lot of resistance to
it as
it's non-standard
Other way around...
PGP as a MIME part is a standard way to do things. But just bunging PGP
data somewhere into the message in the same section as the message,
without any separating headers, isn't.
--
[tim@localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686
Don't send private replies to my address, the mailbox is ignored. I
read messages from the public lists.
2:17 a.m.
On Tue, 2010-03-23 at 21:05 +0000, mike cloaked wrote:
in Thunderbird I have the option of sending PGP/mime - but I
can't see
how to do this in Evolution?
Evolution does do PGP mime (message and signature are different MIME
parts of the message), you just don't get options about *how* it's done.
Non-mime PGP is a message and signature just concatenated together in
one lump, rather like UUencoding messages and attachments. That's the
old way of doing PGP, and makes for more difficult parsing of messages
(there's no headers between sections).
--
[tim@localhost ~]$ uname -r
2.6.27.25-78.2.56.fc9.i686
Don't send private replies to my address, the mailbox is ignored. I
read messages from the public lists.
6:20 p.m.
On Tue, 2010-03-23 at 21:43 +0000, mike cloaked wrote:
On Tue, Mar 23, 2010 at 9:36 PM, Patrick O'Callaghan
<pocallaghan(a)gmail.com> wrote:
>> Maybe that last point is the important one - in Thunderbird I have the
>> option of sending PGP/mime - but I can't see how to do this in
>> Evolution? Is there a switch I am missing because I did not look deep
>> enough or is it that Evolution just can't do PGP/Mime??
>
> At the moment you can't. There's been a lot of resistance to it as it's
> non-standard, but apparently some work is being done on it, see
>
http://www.go-evolution.org/FAQ#Why_does_Evolution_attach_a_.asc-file_to_...
Thank you, that is useful - though I am now more confused - I have TB
set to use PGP/Mime and sign email - and it is received by either TB
or Evo and verifies just fine - but from the quote it says that
(concerning Evolution): "When you sign emails, the GPG signature is
embedded in a .asc file, this is called Outline PGP (or PGP/MIME). It
is not embedded in the header/footer of the email because Inline PGP
is currently not supported by Evolution" - I thought this (PGP/Mime)
was the same as what I am using for Thunderbird? If so why does
Thunderbird then not verify? Or have I got the wrong end of the stick?
I just sent myself a plain text signed message from Evo and verified the
signature using TBird. Looking at the raw file, it does indeed have
a .asc attachment containing the signature, as per spec. I haven't tried
it in HTML as I never use it.
Going back to the error message in your original post, it complains
about:
gpg: BAD signature from "xxxxxxxxx (New rsa key)
<mike(a)my-email-server.com>"
That looks to me like a problem with the signature itself rather than
the message (though I wouldn't swear to it). Are you sure that your
configurations of Evo and TB are using the same signature?
poc
4:43 p.m.
On Tue, Mar 23, 2010 at 9:36 PM, Patrick O'Callaghan
<pocallaghan(a)gmail.com> wrote:
> Maybe that last point is the important one - in Thunderbird I
have the
> option of sending PGP/mime - but I can't see how to do this in
> Evolution? Is there a switch I am missing because I did not look deep
> enough or is it that Evolution just can't do PGP/Mime??
At the moment you can't. There's been a lot of resistance to it as it's
non-standard, but apparently some work is being done on it, see
http://www.go-evolution.org/FAQ#Why_does_Evolution_attach_a_.asc-file_to_...
Thank you, that is useful - though I am now more confused - I have TB
set to use PGP/Mime and sign email - and it is received by either TB
or Evo and verifies just fine - but from the quote it says that
(concerning Evolution): "When you sign emails, the GPG signature is
embedded in a .asc file, this is called Outline PGP (or PGP/MIME). It
is not embedded in the header/footer of the email because Inline PGP
is currently not supported by Evolution" - I thought this (PGP/Mime)
was the same as what I am using for Thunderbird? If so why does
Thunderbird then not verify? Or have I got the wrong end of the stick?
--
mike c
4:36 p.m.
On Tue, 2010-03-23 at 21:05 +0000, mike cloaked wrote:
On Tue, Mar 23, 2010 at 8:55 PM, mike cloaked
<mike.cloaked(a)gmail.com> wrote:
>>> does it make a difference if you are sending inline or PGP/MIME.
>>
Maybe that last point is the important one - in Thunderbird I have the
option of sending PGP/mime - but I can't see how to do this in
Evolution? Is there a switch I am missing because I did not look deep
enough or is it that Evolution just can't do PGP/Mime??
At the moment you can't. There's been a lot of resistance to it as it's
non-standard, but apparently some work is being done on it, see
http://www.go-evolution.org/FAQ#Why_does_Evolution_attach_a_.asc-file_to_...
poc
4:14 p.m.
On Tue, Mar 23, 2010 at 9:05 PM, mike cloaked <mike.cloaked(a)gmail.com> wrote:
On Tue, Mar 23, 2010 at 8:55 PM, mike cloaked
<mike.cloaked(a)gmail.com> wrote:
>>> does it make a difference if you are sending inline or PGP/MIME.
>>
Maybe that last point is the important one - in Thunderbird I have the
option of sending PGP/mime - but I can't see how to do this in
Evolution? Is there a switch I am missing because I did not look deep
enough or is it that Evolution just can't do PGP/Mime??
I found a post at http://www.secure-my-email.com/clients_evolution.php
which says: "One thing I encoutered here is that Evolution (at least
my version, version 2.2.3) require the encrypted data to be RFC 1847
Encapsulated. It does not support the other method of both digitally
signing and encrypting as defined in RFC 3156. (RFC 1847 encapsulation
is described in chapter 6.1, the combined method is described in
chapter 6.2 for those interested).
My primary mail client, Mozilla Thunderbird, with Enigmail as an
extension to handle the security use the combined method by default
when sending a message using PGP/MIME. It will be able to properly
verify both methods."
I wonder if this is at the core of this issue?
I also saw a very old post at
http://www.mozdev.org/pipermail/enigmail/2003-November/000661.html
"> I am having trouble receiving signed+encrypted email from a
person using Evolution, which supports only PGP/MIME. I read through
RFC
3156, and, according to section 6, there are two ways to send
signed+encrypted email. One (6.1) is to create a signature mime body
from the text, encrypt the whole, and create an encrypted mime body from
the result. This is what Evolution does. The other (6.2) is to
encrypt+sign the text in one go, which is what Enigmail does. The
problem is that Enigmail does not properly decode email sent in the
format described in 6.1. It decrypts the message and displays the text,
but does not verify the signature."
This seems to point to Thunderbird as being the problem in that maybe
a very old unresolved bug/feature is preventing correct signature
verification?
I would appreciate further input on this.
--
mike c
4:05 p.m.
On Tue, Mar 23, 2010 at 8:55 PM, mike cloaked <mike.cloaked(a)gmail.com> wrote:
>> does it make a difference if you are sending inline or
PGP/MIME.
>
Maybe that last point is the important one - in Thunderbird I have the
option of sending PGP/mime - but I can't see how to do this in
Evolution? Is there a switch I am missing because I did not look deep
enough or is it that Evolution just can't do PGP/Mime??
--
mike c
3:55 p.m.
On Tue, Mar 23, 2010 at 8:44 PM, mike cloaked <mike.cloaked(a)gmail.com> wrote:
>> If anyone else uses signed mail and can confirm this
behaviour it
>> would be useful - I would report this against bugzilla but I need to
>> know which component is the underlying problem.
>>
>>
> Check to make sure you are sending plain text. When sending plain text
> Thunderbird and Evolution should have no problem, but if you send html
> (eg. multipart/alternative) you are not going to get a good signature
> verification. I would be glad to run a couple of tests with you. Also,
> does it make a difference if you are sending inline or PGP/MIME.
I was sending HTML - and I will try with plaintext after seeing your
post - by the way this account I don't use in either TB or Evo but
from a web browser and did try firegpg for a while - but it caused a
load of problems in the browser so switched it off - I have multiple
mail accounts for different purposes (work, family, friends, computer
stuff etc) and I don't always want them opened in the same client.
However I do note that TB sends HTML signed mail with no problems at
all - it just seems that it is Evo that may be unhappy unless it is
plaintext - why should there be a difference in signature verification
if plain text or HTML?
I will post back after a test mail....
Yup you hit it in one! Sending a signed but plaintext email from Evo
to TB gives a good signature verification in TB - HTML mail gives a
problem! Yet I can send a signed HTML email from Evo to Evo and it
verifies just fine - I find this weird! Where is the root cause of
this? Is it something in the sending process in Evo, or in the
receiving end at TB?
By the way what I did for the test was to reply to an HTML mail and
then in Evo compose window change from HTML to Plain Text - the only
security option that I can see in the compose window is to select
Security->PGP Sign - there was no attachment in this case and the
quoted text was inline - if that is what you were asking?
I would like to get to the bottom of this.....
--
mike c
3:44 p.m.
On Tue, Mar 23, 2010 at 4:47 PM, Jerry Feldman <gaf(a)blu.org> wrote:
On 03/22/2010 01:20 PM, mike cloaked wrote:
> This is not an selinux issue - the summary is as follows:
> Thunderbird sends signed mail to Thunderbird - all is fine
> Thunderbird sends signed mail to Evolution - all is fine
> Evolution sends signed mail to Evolution - all is fine
> Evolution sends signed mail to Thunderbird and Thunderbird complains
> about "signature verification failed" - so this is either a bug in Evo
> or in TB (I am using TB 3.1b2 but it is more than likely this will be
> the same in earlier versions -
>
> If anyone else uses signed mail and can confirm this behaviour it
> would be useful - I would report this against bugzilla but I need to
> know which component is the underlying problem.
>
>
Check to make sure you are sending plain text. When sending plain text
Thunderbird and Evolution should have no problem, but if you send html
(eg. multipart/alternative) you are not going to get a good signature
verification. I would be glad to run a couple of tests with you. Also,
does it make a difference if you are sending inline or PGP/MIME.
I was sending HTML - and I will try with plaintext after seeing your
post - by the way this account I don't use in either TB or Evo but
from a web browser and did try firegpg for a while - but it caused a
load of problems in the browser so switched it off - I have multiple
mail accounts for different purposes (work, family, friends, computer
stuff etc) and I don't always want them opened in the same client.
However I do note that TB sends HTML signed mail with no problems at
all - it just seems that it is Evo that may be unhappy unless it is
plaintext - why should there be a difference in signature verification
if plain text or HTML?
I will post back after a test mail....
--
mike c
11:47 a.m.
On 03/22/2010 01:20 PM, mike cloaked wrote:
This is not an selinux issue - the summary is as follows:
Thunderbird sends signed mail to Thunderbird - all is fine
Thunderbird sends signed mail to Evolution - all is fine
Evolution sends signed mail to Evolution - all is fine
Evolution sends signed mail to Thunderbird and Thunderbird complains
about "signature verification failed" - so this is either a bug in Evo
or in TB (I am using TB 3.1b2 but it is more than likely this will be
the same in earlier versions -
If anyone else uses signed mail and can confirm this behaviour it
would be useful - I would report this against bugzilla but I need to
know which component is the underlying problem.
Check to make sure you are sending plain text. When sending plain text
Thunderbird and Evolution should have no problem, but if you send html
(eg. multipart/alternative) you are not going to get a good signature
verification. I would be glad to run a couple of tests with you. Also,
does it make a difference if you are sending inline or PGP/MIME.
--
Jerry Feldman <gaf(a)blu.org>
Boston Linux and Unix
PGP key id: 537C5846
PGP Key fingerprint: 3D1B 8377 A3C0 A5F2 ECBB CA3B 4607 4319 537C 5846
12:20 p.m.
On Mon, Mar 22, 2010 at 2:05 PM, Daniel J Walsh <dwalsh(a)redhat.com> wrote:
Be careful on suggesting people disable SELinux. Better to put the
machine into permissive mode if you suspect that SELinux is blocking the
access. Also much better to check the audit.log to see if SELinux is
complaining.
This is not an selinux issue - the summary is as follows:
Thunderbird sends signed mail to Thunderbird - all is fine
Thunderbird sends signed mail to Evolution - all is fine
Evolution sends signed mail to Evolution - all is fine
Evolution sends signed mail to Thunderbird and Thunderbird complains
about "signature verification failed" - so this is either a bug in Evo
or in TB (I am using TB 3.1b2 but it is more than likely this will be
the same in earlier versions -
If anyone else uses signed mail and can confirm this behaviour it
would be useful - I would report this against bugzilla but I need to
know which component is the underlying problem.
--
mike c
9:05 a.m.
On 03/21/2010 02:31 PM, Michael Miles wrote:
On 03/21/2010 11:12 AM, mike cloaked wrote:
> On Sun, Mar 21, 2010 at 5:25 PM, Michael Miles<mmamiga6(a)gmail.com> wrote:
>
>
>
>> This is how I solved my Evolution problem....... Use Thunderbird
>>
>>
>>
> Well I do use Thunderbird - but it also has its own deficiencies -
> like it does not have the facility to make "local" storage use maildir
> format - only mbox.
> That is why I was exploring other mail cients.
>
>
> I myself have had too many problems with Evolution.
>
I could not even get an account set up. There are problems with
Thunderbird as well but between all the problems it is still the one for me.
Have you tried to disable Selinux then see if your problem fixes itself.
Just a guess
mmamiga6
Be careful on suggesting people disable SELinux. Better to put the
machine into permissive mode if you suspect that SELinux is blocking the
access. Also much better to check the audit.log to see if SELinux is
complaining.
ausearch -m avc -ts recent
Will show all recent SELinux AVC messages.
2:21 p.m.
On Sun, Mar 21, 2010 at 6:31 PM, Michael Miles <mmamiga6(a)gmail.com> wrote:
On 03/21/2010 11:12 AM, mike cloaked wrote:
> On Sun, Mar 21, 2010 at 5:25 PM, Michael Miles<mmamiga6(a)gmail.com> wrote:
>
>
>> This is how I solved my Evolution problem....... Use Thunderbird
>>
>>
> Well I do use Thunderbird - but it also has its own deficiencies -
> like it does not have the facility to make "local" storage use maildir
> format - only mbox.
> That is why I was exploring other mail cients.
>
>
> I myself have had too many problems with Evolution.
I could not even get an account set up. There are problems with
Thunderbird as well but between all the problems it is still the one for me.
Have you tried to disable Selinux then see if your problem fixes itself.
Just a guess
It is not likely to be selinux involved since I can send and receive
signed mail on the same machine via Thunderbird perfectly well.
--
mike c
1:31 p.m.
On 03/21/2010 11:12 AM, mike cloaked wrote:
On Sun, Mar 21, 2010 at 5:25 PM, Michael
Miles<mmamiga6(a)gmail.com> wrote:
> This is how I solved my Evolution problem....... Use Thunderbird
>
>
Well I do use Thunderbird - but it also has its own deficiencies -
like it does not have the facility to make "local" storage use maildir
format - only mbox.
That is why I was exploring other mail cients.
I myself have had too many problems with Evolution.
I could not even get an account
set up. There are problems with
Thunderbird as well but between all the problems it is still the one for me.
Have you tried to disable Selinux then see if your problem fixes itself.
Just a guess
mmamiga6
1:15 p.m.
On Sun, Mar 21, 2010 at 5:47 PM, Ranjan Maitra <maitra(a)iastate.edu> wrote:
I prefer claws-mail: would that work for you?
Ranjan
I understand that Claws mail will not send html mail - and I want to
be able to do so - I know there are some users who will go into
apoplexy at the mere mention of sending HTML mail but there are some
mail (especially in the business world) that just has to be HTML to
retain table formatting for example so any mail client that can't do
it is sub-optimal. There should at least be a choice even if the
default is not to use HTML mail - and yes I know that Claws has a
plugin to "read" HTML mail.....
--
mike c
1:12 p.m.
On Sun, Mar 21, 2010 at 5:25 PM, Michael Miles <mmamiga6(a)gmail.com> wrote:
This is how I solved my Evolution problem....... Use Thunderbird
Well I do use Thunderbird - but it also has its own deficiencies -
like it does not have the facility to make "local" storage use maildir
format - only mbox.
That is why I was exploring other mail cients.
--
mike c
12:47 p.m.
I prefer claws-mail: would that work for you?
Ranjan
On Sun, 21 Mar 2010 10:25:50 -0700 Michael Miles <mmamiga6(a)gmail.com>
wrote:
On 03/21/2010 09:34 AM, mike cloaked wrote:
> I have a problem with Evolution email signing on send that I can't
> solve. GPG signature on receive seems fine from mail that I have sent
> from a Thunderbird client, and it has a GPG line with "Valid
> signature".
>
> For a long time now I have been using Thunderbird with the enigmail
> extension to send and receive signed and/or encrypted mail - perfectly
> successfully.
>
> I decided to give Evolution a try - mostly it works, including syncing
> caldav calendars nicely. I then set up GPG in the security section
> and selected my key ID. Then I sent a test mail that was GPG signed.
> In the Sent mail folder the outgoing mail in Evolution looks normal
> and within Evolution it says that the mail was signed just fine (i.e.
> Valid signature). However when this mail is received in Thunderbird
> the top strip on the mail (within Thunderbird) is pink instead of
> green, and the OpenPGP status says "Error - signature verification
> failed; click on 'Details' button for more information " - clicking on
> the details gives the Security Info as
>
> "OpenPGP Security Info
>
> Error - signature verification failed
>
> gpg command line and output:
> /usr/bin/gpg
> gpg: Signature made Sun 21 Mar 2010 11:40:25 AM GMT using RSA key ID XXXXXX
> gpg: BAD signature from "xxxxxxxxx (New rsa
key)<mike(a)my-email-server.com>"
>
> Has anyone else come across this behaviour and if so do you know what
> it needed to make GPG signing behave normally?
>
> Thanks
>
>
This is how I solved my Evolution problem....... Use Thunderbird
--
users mailing list
users(a)lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
12:25 p.m.
On 03/21/2010 09:34 AM, mike cloaked wrote:
I have a problem with Evolution email signing on send that I
can't
solve. GPG signature on receive seems fine from mail that I have sent
from a Thunderbird client, and it has a GPG line with "Valid
signature".
For a long time now I have been using Thunderbird with the enigmail
extension to send and receive signed and/or encrypted mail - perfectly
successfully.
I decided to give Evolution a try - mostly it works, including syncing
caldav calendars nicely. I then set up GPG in the security section
and selected my key ID. Then I sent a test mail that was GPG signed.
In the Sent mail folder the outgoing mail in Evolution looks normal
and within Evolution it says that the mail was signed just fine (i.e.
Valid signature). However when this mail is received in Thunderbird
the top strip on the mail (within Thunderbird) is pink instead of
green, and the OpenPGP status says "Error - signature verification
failed; click on 'Details' button for more information " - clicking on
the details gives the Security Info as
"OpenPGP Security Info
Error - signature verification failed
gpg command line and output:
/usr/bin/gpg
gpg: Signature made Sun 21 Mar 2010 11:40:25 AM GMT using RSA key ID XXXXXX
gpg: BAD signature from "xxxxxxxxx (New rsa
key)<mike(a)my-email-server.com>"
Has anyone else come across this behaviour and if so do you know what
it needed to make GPG signing behave normally?
Thanks
This is how I solved my Evolution problem....... Use Thunderbird
11:41 a.m.
On Sun, Mar 21, 2010 at 4:34 PM, mike cloaked <mike.cloaked(a)gmail.com> wrote:
I have a problem with Evolution email signing on send that I
can't
solve. GPG signature on receive seems fine from mail that I have sent
I should have also said that this is on a current and up to date F12
machine running evolution-2.28.3-1.fc12.i686
--
mike c
5198
days inactive
5202
days old
33 comments
7 participants
participants (7)
-
Daniel J Walsh -
Jerry Feldman -
Michael Miles -
mike cloaked -
Patrick O'Callaghan -
Ranjan Maitra -
Tim