Problems with signed messages from Apple Mail
Dear all,
after upgrading his Mac to MacOS 12.0.1 Monterey, one of our users can not send send signed messages to lists using Apple Mail v. 15.0 (3693.20.0.1.32).
mailman3 denys the delivery of the mail with error message: host 172.19.0.4[172.19.0.4] said: 501 Message has defects (in reply to end of DATA command)
I.e. mailman does not process the message, but rejects it already in the incoming smtp session. Is that a known issue?
We use mailman3 docker installation, version info: GNU Mailman 3.3.4 (Tom Sawyer) Python 3.8.10 (default, May 6 2021, 06:30:44)
Viele Grüße,
Rainer Herbst Leiter IT-Service Phone: +49 331 7499-257 e-mail: rainer.herbst@aip.de https://www.aip.de
Leibniz-Institut für Astrophysik Potsdam (AIP) An der Sternwarte 16, 14482 Potsdam
Vorstand: Prof. Dr. Matthias Steinmetz, Wolfram Rosenbach Stiftung bürgerlichen Rechts Stiftungsverzeichnis Brandenburg: 26 742-00/7026
Mailman's content filtering has removed the following MIME parts from this message.
Content-Type: application/x-pkcs7-signature Name: smime.p7s
On 11/12/21 6:06 AM, Rainer Herbst wrote:
Dear all,
after upgrading his Mac to MacOS 12.0.1 Monterey, one of our users can not send send signed messages to lists using Apple Mail v. 15.0 (3693.20.0.1.32).
mailman3 denys the delivery of the mail with error message: host 172.19.0.4[172.19.0.4] said: 501 Message has defects (in reply to end of DATA command)
I.e. mailman does not process the message, but rejects it already in the incoming smtp session. Is that a known issue?
Incoming SMTP is relaying the message via LMTP to Mailman's LMTP runner which in turn parses the message using Python's email.message_from_bytes() method and the resultant message has defects.
Rejecting such a message outright as we do may be too harsh, but it is hard to say without seeing the message and what Python's email package thinks the defects are.
This could be a bug in Apple Mail or in the Python email module.
If you wish to see the details, you could do the following in mailman shell
import email
from mailman.email.message import Message
content = b"""\
(paste the raw message here)
"""
msg = email.message_from_bytes(content, Message)
msg.defects
This will show you what the defects are.
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
We have done some more investigation on this. The message defect is InvalidMultipartContentTransferEncodingDefect() This is caused by the presence of a Content-Transfer-Encoding: header in the headers of the multipart/signed part. This has been observed with macOS 12.0.1, Mail.app Version 15.0 (3693.20.0.1.32), and GPG Mail 6.0. We don't know if this applies to all PGP signed mail from Apple Mail 15.0 (3693.20.0.1.32) or only mail signed by GPG Mail 6.0.
The issue affects more than Mailman. In my case Thunderbird won't display the message body of such messages.
I have reported this to Apple, but have gotten no response so far.
Rainer Herbst writes:
after upgrading his Mac to MacOS 12.0.1 Monterey, one of our users can not send send signed messages to lists using Apple Mail v. 15.0 (3693.20.0.1.32).
Apple Mail is a not a good Internet citizen, not particularly friendly to recipients whose software depends on standards conformance. It doesn't surprise me that Mailman considers its output broken.
Aside from what Mark suggests to investigate on your side, you could also have the user send a "This is a test message", redact any identifying information such as domains, mailboxes, and IPs, and post it in an issue to https://gitlab.com/mailman/mailman/.
Steve
participants (3)
-
Mark Sapiro -
Rainer Herbst -
Stephen J. Turnbull