Problem
You send an e-mail in Outlook that
a) was digitally signed with an S/MIME certificate and
b) was not encrypted by Outlook.
Problem: The e-mail is still marked as "encrypted" at the recipient's end - even though no e-mail encryption was requested and you therefore did not activate it for the e-mail in Outlook. The recipient is not able to read the seemingly encrypted e-mail.
Explanation
This problem occurs only if you send the e-mail through an Exchange Server that subsequently adds a signature (e.g. with legal information) to sent e-mails.
In this case, the Exchange Server converts the signed e-mail, which is normally sent in p7s format, into p7m format (which is actually intended only for encrypted e-mails). Certain email clients, such as the GMX or web.de web client, cannot process emails in p7m format and therefore cannot display the email. If the recipient uses Outlook, the mail can be displayed correctly.
Recommendation: If you use an Exchange Server that inserts a signature in sent e-mails, you should only digitally sign e-mails if you can assume that the recipient uses Outlook. Otherwise, the Digitally sign this message check box should be deactivated in Outlook in the properties of a mail draft under Security settings.
Note: This Outlook/Exchange problem has been documented here because users of DRACOON for Outlook may also be affected. However, there is no direct connection with DRACOON for Outlook - it is a pure Exchange problem and also occurs when DRACOON for Outlook is not used.
Comments
0 comments
Article is closed for comments.