PGP - S/MIME signed messages
Hi *
we are receiving a few PGP-signed posts as a S/MIME attachment. Some final recipients check these, and as mailman3 does not munge them - the original mail is signed, not mailman3's final posts - those get rejected.
Does anyone have a idea how to handle this elegantly?
Thank you Peter
On Mon, Jul 28, 2025 at 11:30 PM Peter Adebahr via Mailman-users < mailman-users@mailman3.org> wrote:
Hi *
we are receiving a few PGP-signed posts as a S/MIME attachment. Some final recipients check these, and as mailman3 does not munge them - the original mail is signed, not mailman3's final posts - those get rejected.
Does anyone have a idea how to handle this elegantly?
Are you talking from a MuA's perspective? I am thinking that MuAs would handle these differently. And I also think the PGP signature is useless from a mailing list's perspective, as no one cares about the validation it provides. What happens if you set the following for the list:
Collapse alternatives = Yes Convert html to plaintext = Yes
?
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254 7 3200 0004/+254 7 2274 3223 In an Internet failure case, the #1 suspect is a constant: DNS. "Oh, the cruft.", egrep -v '^$|^.*#' ¯\_(ツ)_/¯ :-) [How to ask smart questions: http://www.catb.org/~esr/faqs/smart-questions.html]
On 7/28/25 13:29, Peter Adebahr via Mailman-users wrote:
Hi *
we are receiving a few PGP-signed posts as a S/MIME attachment. Some final recipients check these, and as mailman3 does not munge them - the original mail is signed, not mailman3's final posts - those get rejected.
I don't understand. Can you expand what you mean by "the original mail is signed, not mailman3's final posts" Do you mean the post to the list is signed, but the post from the list is not?
If so, what are your content filtering settings? For example, this list has in Pass Types:
multipart
message/rfc822
text
application/pgp-signature
application/x-pkcs7-signature
application/pkcs7-signature
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
Mark Sapiro writes:
On 7/28/25 13:29, Peter Adebahr via Mailman-users wrote:
we are receiving a few PGP-signed posts as a S/MIME attachment. Some final recipients check these, and as mailman3 does not munge them - the original mail is signed, not mailman3's final posts - those get rejected.
Besides Mark's suggestions, technically, PGP-signed and S/MIME are two different protocols. If you try to verify one with software expecting the other, it will fail. This seems unlikely (there would be reports of direct mail failing verification), but if Mark's suggestions don't help, you could verify that all the users are on the same page as to what signature protocols are being used.
Steve
-- GNU Mailman consultant (installation, migration, customization) Sirius Open Source https://www.siriusopensource.com/ Software systems consulting in Europe, North America, and Japan
participants (4)
-
Mark Sapiro -
Odhiambo Washington -
Peter Adebahr -
Stephen J. Turnbull