Digitally Signed messages cannot be verified
in [Outlook Express]
|
Prev: ghghgh
Next: OE sent file folder
From: PA Bear [MS MVP] on 22 Dec 2009 03:04 OE Tools | Options | Read | Read all messages in plain text (checked or unchecked?) OE Tools | Options | Security: Is OE running in Restricted Sites zone and are the "Do not download attachments..." and "Block images..." options both unchecked? Michael Feldbau wrote: > Dear Robert, > > I have investigated the issue thoroughly and I wish to share my findings > with you. > 1. The raw signed message received is structured as follows: Header part, > then one p7m attachment. (I know that, since another application of mine > is > generating those signed messages). > > 2. After the message is received in the Inbox, I performed File|Save As > (eml > format). Then I renamed the saved file to have the TXT suffix in order to > review the raw message. > Surprisingly, no indication of the original format, i.e. the p7m > attachment > has been rplaced with the interpreted content of the p7m signed message, > that is with the unsigned internal message. > This means that when the raw signed message was received, the p7m > attachment > was interpreted, and the internal message (intended to be signed) was > extracted, and the signed envelope has been removed - and no evidence > thereof has been retained. > > Since this suddenly occured on 2 separate computers of mine, after I have > been working with all versions of OE since version 4, this, to my opinion > has been caused by a software update of MS. > > I would appreciate your assistance since i have many customers which might > be affected by this problem. > > Regards, > Michael > > > --------------------------------------------------------------------------------- > "Michael Feldbau" <MichaelFeldbau(a)discussions.microsoft.com> wrote in > message news:91A97712-5EB3-4BCA-8315-C1E77578F078(a)microsoft.com... >> Just installed the November '09 root certificate update. >> Didn't help. >> >> Regards, >> Michael >> ------------------------------------------------- >> >> "PA Bear [MS MVP]" wrote: >> >>> I'd asked you to go to http://windowsupdate.microsoft.com, run a CUSTOM >>> scan >>> for updates, check the Optional Software Updates category on the >>> left-hand >>> side to see if a Root Certificates update was offered, and then to >>> install >>> it if there was one. Did you do so? >>> >>> Michael Feldbau wrote: >>>> I have installed ALL 92 updates (except for SP3 and IE8). I can't >>>> remember >>>> if a root certificate update was among them. Would you like to check >>>> for >>>> some specific new CA which can indicate that the update has indeed been >>>> installed ? >>>> >>>>> Was a Root Certificates update available and did you install it? >>>>> >>>>> Michael Feldbau wrote: >>>>>> Thanks Robert. >>>>>> >>>>>> Nothing helped at this stage. >>>>>> The problem occures also on another computer of mine. >>>>>> Anything more that I can do? >>>>>> >>>>>>> 1. I wanted to see if installing the most recent Root Certificates >>>>>>> update >>>>>>> might resolve the behavior. In Vista and Win7, Root Certificates >>>>>>> updates >>>>>>> are installed automatically via Automatic Updates but WinXP users >>>>>>> must >>>>>>> check for & install them manually. (Root Certificates updates are >>>>>>> generally released every 3 months or so. The most recent update >>>>>>> became >>>>>>> available c. 24 Nov-09.) >>>>>>> >>>>>>> 2. I don't recommend installing Service Packs or IE upgrades via >>>>>>> Windows >>>>>>> Update/Automatic Updates. >>>>>>> >>>>>>> Michael Feldbau wrote: >>>>>>>> Thanks Robert for the detalied response. >>>>>>>> One small question just to avoid confusion: on one hand you >>>>>>>> urge me to install WIN XP SP3, but later you asked NOT to install >>>>>>>> SP3. >>>>>>>> Could you explain please...? >>>>>>>> >>>>>>>> I haven't installed IE8 nor SP3. >>>>>>>> The answer to all your question is YES. >>>>>>>> The problem persists. >>>>>>>> >>>>>>>> Strangely this happens on another computer of mine too. >>>>>>>> Some tech info might help: >>>>>>>> >>>>>>>> 1. The received message consists header part and one p7m attachment >>>>>>>> (signed >>>>>>>> message). I know that beause an application of mine generates these >>>>>>>> messages. >>>>>>>> >>>>>>>> 2. Previously OE treated the attachment as a secured message, and >>>>>>>> when >>>>>>>> performing File|Properties|Details - it provided a button "secure >>>>>>>> message >>>>>>>> source". If at this point you perform File|Save As (eml), the >>>>>>>> secure >>>>>>>> message >>>>>>>> is saved. >>>>>>>> Now this option is unavailable. OE automatically decrypts the >>>>>>>> secure >>>>>>>> message, identifies the message in the Inbox folder as a signed >>>>>>>> message, >>>>>>>> but >>>>>>>> when the message is opened, there's no indication of digital >>>>>>>> signature. >>>>>>>> Moreover, if you perform File|Save As (eml) - then the decrypted >>>>>>>> unsigned >>>>>>>> message is saved, as though the message was never signed. >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> Thanks again, >>>>>>>> Michael >>>>>>>> >>>>>>>> "PA Bear [MS MVP]" <PABearMVP(a)gmail.com> wrote in message >>>>>>>> news:OirHsSQgKHA.1112(a)TK2MSFTNGP04.phx.gbl... >>>>>>>>> 1. Please post to this newsgroup in Plain Text, Michael, otherwise >>>>>>>>> your >>>>>>>>> right-to-left default makes it almost impossible to read your >>>>>>>>> messages. >>>>>>>>> Thanks. >>>>>>>>> >>>>>>>>> 2. Why isn't WinXP SP3 installed yet? >>>>>>>>> >>>>>>>>> Computers running WinXP SP2 will NOT be offered any further >>>>>>>>> critical >>>>>>>>> security updates, Automatic Updates will cease to function, and >>>>>>>>> Windows >>>>>>>>> Update website will not be available after 10 July 2010 until SP3 >>>>>>>>> is >>>>>>>>> installed. >>>>>>>>> >>>>>>>>> 3a. Make sure your time, date, and time-zone settings are all >>>>>>>>> correct. >>>>>>>>> >>>>>>>>> 3b. Open Internet Explorer (only) to >>>>>>>>> http://update.microsoft.com/microsoftupdate | Select CUSTOM and >>>>>>>>> scan >>>>>>>>>> >>>>>>>>> Install any Critical Security Updates offered (e.g., KB976325). >>>>>>>>> If a >>>>>>>>> Root >>>>>>>>> Certificates update is listed in the Optional Software Updates >>>>>>>>> category >>>>>>>>> on >>>>>>>>> the left, install it to take full advantage of IE's enhanced >>>>>>>>> security. >>>>>>>>> >>>>>>>>> NB: Do NOT install SP3 or IE8! Hide both/either of them ("Don't >>>>>>>>> show >>>>>>>>> me >>>>>>>>> this update again") for now if necessary, please. >>>>>>>>> >>>>>>>>> Does the behavior persist now? >>>>>>>>> >>>>>>>>> OE Tools | Options | Security | Secure Mail | Advanced | Add >>>>>>>>> senders'certificates to my Address Book: Is this option >>>>>>>>> checked/enabled >>>>>>>>> and does your correspondents' entries in Address Book include >>>>>>>>> their >>>>>>>>> Digital IDs? >>>>>>>>> >>>>>>>>> OE Tools | Options | Security | Secure Mail | Advanced | >>>>>>>>> Revocation >>>>>>>>> Checking: Which option is checked/enabled here? >>>>>>>>> >>>>>>>>> -- >>>>>>>>> ~Robear Dyer (PA Bear) >>>>>>>>> MS MVP-IE, Mail, Security, Windows Client - since 2002 >>>>>>>>> www.banthecheck.com >>>>>>>>> >>>>>>>>> Michael Feldbau wrote: >>>>>>>>>> I am working with OE back from Ver.4. >>>>>>>>>> I have now OE V6 SP2. My OS is XP Pro SP2 >>>>>>>>>> I receive digitally signed messages on daily basis. In the Inbox >>>>>>>>>> folder >>>>>>>>>> it >>>>>>>>>> displays the red signature button. However when I open the >>>>>>>>>> messages >>>>>>>>>> it >>>>>>>>>> doesn't indicate that the message is signed. >>>>>>>>>> This began only recently (I suspect after I upgraded to IE 7). >>>>>>>>>> Beforehand, >>>>>>>>>> for many years it did indicate the red signature icon on open >>>>>>>>>> messages. >>>>>>>>>> >>>>>>>>>> Hence, I cannot perform signature verification at this point. >>>>>>>>>> >>>>>>>>>> Could anybody advise? >>>>>>>>>> >>>>>>>>>> Gratefuly, >>>>>>>>>> Michael >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> __________ Information from ESET NOD32 Antivirus, version of >>>>>>>>>> virus >>>>>>>>>> signature >>>>>>>>>> database 4702 (20091219) __________ >>>>>>>>>> >>>>>>>>>> The message was checked by ESET NOD32 Antivirus. >>>>>>>>>> >>>>>>>>>> http://www.eset.com >>>>>>>>> >>>>>>>>> >>>>>>>>> __________ Information from ESET NOD32 Antivirus, version of virus >>>>>>>>> signature database 4702 (20091219) __________ >>>>>>>>> >>>>>>>>> The message was checked by ESET NOD32 Antivirus. >>>>>>>>> >>>>>>>>> http://www.eset.com >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> __________ Information from ESET NOD32 Antivirus, version of virus >>>>>>>> signature database 4703 (20091220) __________ >>>>>>>> The message was checked by ESET NOD32 Antivirus. >>>>>>>> >>>>>>>> http://www.eset.com >>>>>>> >>>>>>> >>>>>>> __________ Information from ESET NOD32 Antivirus, version of virus >>>>>>> signature database 4704 (20091220) __________ >>>>>>> >>>>>>> The message was checked by ESET NOD32 Antivirus. >>>>>>> >>>>>>> http://www.eset.com >>>>>>> >>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> __________ Information from ESET NOD32 Antivirus, version of virus >>>>>> signature database 4704 (20091220) __________ >>>>>> The message was checked by ESET NOD32 Antivirus. >>>>>> >>>>>> http://www.eset.com >>>>> >>>>> >>>>> __________ Information from ESET NOD32 Antivirus, version of virus >>>>> signature database 4704 (20091220) __________ >>>>> >>>>> The message was checked by ESET NOD32 Antivirus. >>>>> >>>>> http://www.eset.com >>>>> >>>>> >>>>> >>>> >>>> >>>> >>>> __________ Information from ESET NOD32 Antivirus, version of virus >>>> signature database 4704 (20091220) __________ >>>> The message was checked by ESET NOD32 Antivirus. >>>> >>>> http://www.eset.com >>> >>> . >>> >> >> __________ Information from ESET NOD32 Antivirus, version of virus >> signature database 4707 (20091221) __________ >> >> The message was checked by ESET NOD32 Antivirus. >> >> http://www.eset.com >> >> >> > > > > __________ Information from ESET NOD32 Antivirus, version of virus > signature database 4707 (20091221) __________ > The message was checked by ESET NOD32 Antivirus. > > http://www.eset.com
From: Michael Feldbau on 22 Dec 2009 03:58 See answers next to the questions. ------------------------------------------------- "PA Bear [MS MVP]" <PABearMVP(a)gmail.com> wrote in message news:%23KMll4tgKHA.2104(a)TK2MSFTNGP05.phx.gbl... > OE Tools | Options | Read | Read all messages in plain text (checked or > unchecked?) UNCHECKED > > OE Tools | Options | Security: Is OE running in Restricted Sites zone and > are the "Do not download attachments..." and "Block images..." options > both unchecked? I CLEARED BOTH, OE IS RUNNING IN RESTRICTED ZONE. > DIDN'T HELP > > Michael Feldbau wrote: >> Dear Robert, >> >> I have investigated the issue thoroughly and I wish to share my findings >> with you. >> 1. The raw signed message received is structured as follows: Header part, >> then one p7m attachment. (I know that, since another application of mine >> is >> generating those signed messages). >> >> 2. After the message is received in the Inbox, I performed File|Save As >> (eml >> format). Then I renamed the saved file to have the TXT suffix in order to >> review the raw message. >> Surprisingly, no indication of the original format, i.e. the p7m >> attachment >> has been rplaced with the interpreted content of the p7m signed message, >> that is with the unsigned internal message. >> This means that when the raw signed message was received, the p7m >> attachment >> was interpreted, and the internal message (intended to be signed) was >> extracted, and the signed envelope has been removed - and no evidence >> thereof has been retained. >> >> Since this suddenly occured on 2 separate computers of mine, after I have >> been working with all versions of OE since version 4, this, to my opinion >> has been caused by a software update of MS. >> >> I would appreciate your assistance since i have many customers which >> might >> be affected by this problem. >> >> Regards, >> Michael >> >> >> --------------------------------------------------------------------------------- >> "Michael Feldbau" <MichaelFeldbau(a)discussions.microsoft.com> wrote in >> message news:91A97712-5EB3-4BCA-8315-C1E77578F078(a)microsoft.com... >>> Just installed the November '09 root certificate update. >>> Didn't help. >>> >>> Regards, >>> Michael >>> ------------------------------------------------- >>> >>> "PA Bear [MS MVP]" wrote: >>> >>>> I'd asked you to go to http://windowsupdate.microsoft.com, run a CUSTOM >>>> scan >>>> for updates, check the Optional Software Updates category on the >>>> left-hand >>>> side to see if a Root Certificates update was offered, and then to >>>> install >>>> it if there was one. Did you do so? >>>> >>>> Michael Feldbau wrote: >>>>> I have installed ALL 92 updates (except for SP3 and IE8). I can't >>>>> remember >>>>> if a root certificate update was among them. Would you like to check >>>>> for >>>>> some specific new CA which can indicate that the update has indeed >>>>> been >>>>> installed ? >>>>> >>>>>> Was a Root Certificates update available and did you install it? >>>>>> >>>>>> Michael Feldbau wrote: >>>>>>> Thanks Robert. >>>>>>> >>>>>>> Nothing helped at this stage. >>>>>>> The problem occures also on another computer of mine. >>>>>>> Anything more that I can do? >>>>>>> >>>>>>>> 1. I wanted to see if installing the most recent Root Certificates >>>>>>>> update >>>>>>>> might resolve the behavior. In Vista and Win7, Root Certificates >>>>>>>> updates >>>>>>>> are installed automatically via Automatic Updates but WinXP users >>>>>>>> must >>>>>>>> check for & install them manually. (Root Certificates updates are >>>>>>>> generally released every 3 months or so. The most recent update >>>>>>>> became >>>>>>>> available c. 24 Nov-09.) >>>>>>>> >>>>>>>> 2. I don't recommend installing Service Packs or IE upgrades via >>>>>>>> Windows >>>>>>>> Update/Automatic Updates. >>>>>>>> >>>>>>>> Michael Feldbau wrote: >>>>>>>>> Thanks Robert for the detalied response. >>>>>>>>> One small question just to avoid confusion: on one hand you >>>>>>>>> urge me to install WIN XP SP3, but later you asked NOT to install >>>>>>>>> SP3. >>>>>>>>> Could you explain please...? >>>>>>>>> >>>>>>>>> I haven't installed IE8 nor SP3. >>>>>>>>> The answer to all your question is YES. >>>>>>>>> The problem persists. >>>>>>>>> >>>>>>>>> Strangely this happens on another computer of mine too. >>>>>>>>> Some tech info might help: >>>>>>>>> >>>>>>>>> 1. The received message consists header part and one p7m >>>>>>>>> attachment >>>>>>>>> (signed >>>>>>>>> message). I know that beause an application of mine generates >>>>>>>>> these >>>>>>>>> messages. >>>>>>>>> >>>>>>>>> 2. Previously OE treated the attachment as a secured message, and >>>>>>>>> when >>>>>>>>> performing File|Properties|Details - it provided a button "secure >>>>>>>>> message >>>>>>>>> source". If at this point you perform File|Save As (eml), the >>>>>>>>> secure >>>>>>>>> message >>>>>>>>> is saved. >>>>>>>>> Now this option is unavailable. OE automatically decrypts the >>>>>>>>> secure >>>>>>>>> message, identifies the message in the Inbox folder as a signed >>>>>>>>> message, >>>>>>>>> but >>>>>>>>> when the message is opened, there's no indication of digital >>>>>>>>> signature. >>>>>>>>> Moreover, if you perform File|Save As (eml) - then the decrypted >>>>>>>>> unsigned >>>>>>>>> message is saved, as though the message was never signed. >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> Thanks again, >>>>>>>>> Michael >>>>>>>>> >>>>>>>>> "PA Bear [MS MVP]" <PABearMVP(a)gmail.com> wrote in message >>>>>>>>> news:OirHsSQgKHA.1112(a)TK2MSFTNGP04.phx.gbl... >>>>>>>>>> 1. Please post to this newsgroup in Plain Text, Michael, >>>>>>>>>> otherwise >>>>>>>>>> your >>>>>>>>>> right-to-left default makes it almost impossible to read your >>>>>>>>>> messages. >>>>>>>>>> Thanks. >>>>>>>>>> >>>>>>>>>> 2. Why isn't WinXP SP3 installed yet? >>>>>>>>>> >>>>>>>>>> Computers running WinXP SP2 will NOT be offered any further >>>>>>>>>> critical >>>>>>>>>> security updates, Automatic Updates will cease to function, and >>>>>>>>>> Windows >>>>>>>>>> Update website will not be available after 10 July 2010 until SP3 >>>>>>>>>> is >>>>>>>>>> installed. >>>>>>>>>> >>>>>>>>>> 3a. Make sure your time, date, and time-zone settings are all >>>>>>>>>> correct. >>>>>>>>>> >>>>>>>>>> 3b. Open Internet Explorer (only) to >>>>>>>>>> http://update.microsoft.com/microsoftupdate | Select CUSTOM and >>>>>>>>>> scan >>>>>>>>>>> >>>>>>>>>> Install any Critical Security Updates offered (e.g., KB976325). >>>>>>>>>> If a >>>>>>>>>> Root >>>>>>>>>> Certificates update is listed in the Optional Software Updates >>>>>>>>>> category >>>>>>>>>> on >>>>>>>>>> the left, install it to take full advantage of IE's enhanced >>>>>>>>>> security. >>>>>>>>>> >>>>>>>>>> NB: Do NOT install SP3 or IE8! Hide both/either of them ("Don't >>>>>>>>>> show >>>>>>>>>> me >>>>>>>>>> this update again") for now if necessary, please. >>>>>>>>>> >>>>>>>>>> Does the behavior persist now? >>>>>>>>>> >>>>>>>>>> OE Tools | Options | Security | Secure Mail | Advanced | Add >>>>>>>>>> senders'certificates to my Address Book: Is this option >>>>>>>>>> checked/enabled >>>>>>>>>> and does your correspondents' entries in Address Book include >>>>>>>>>> their >>>>>>>>>> Digital IDs? >>>>>>>>>> >>>>>>>>>> OE Tools | Options | Security | Secure Mail | Advanced | >>>>>>>>>> Revocation >>>>>>>>>> Checking: Which option is checked/enabled here? >>>>>>>>>> >>>>>>>>>> -- >>>>>>>>>> ~Robear Dyer (PA Bear) >>>>>>>>>> MS MVP-IE, Mail, Security, Windows Client - since 2002 >>>>>>>>>> www.banthecheck.com >>>>>>>>>> >>>>>>>>>> Michael Feldbau wrote: >>>>>>>>>>> I am working with OE back from Ver.4. >>>>>>>>>>> I have now OE V6 SP2. My OS is XP Pro SP2 >>>>>>>>>>> I receive digitally signed messages on daily basis. In the Inbox >>>>>>>>>>> folder >>>>>>>>>>> it >>>>>>>>>>> displays the red signature button. However when I open the >>>>>>>>>>> messages >>>>>>>>>>> it >>>>>>>>>>> doesn't indicate that the message is signed. >>>>>>>>>>> This began only recently (I suspect after I upgraded to IE 7). >>>>>>>>>>> Beforehand, >>>>>>>>>>> for many years it did indicate the red signature icon on open >>>>>>>>>>> messages. >>>>>>>>>>> >>>>>>>>>>> Hence, I cannot perform signature verification at this point. >>>>>>>>>>> >>>>>>>>>>> Could anybody advise? >>>>>>>>>>> >>>>>>>>>>> Gratefuly, >>>>>>>>>>> Michael >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> __________ Information from ESET NOD32 Antivirus, version of >>>>>>>>>>> virus >>>>>>>>>>> signature >>>>>>>>>>> database 4702 (20091219) __________ >>>>>>>>>>> >>>>>>>>>>> The message was checked by ESET NOD32 Antivirus. >>>>>>>>>>> >>>>>>>>>>> http://www.eset.com >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> __________ Information from ESET NOD32 Antivirus, version of >>>>>>>>>> virus >>>>>>>>>> signature database 4702 (20091219) __________ >>>>>>>>>> >>>>>>>>>> The message was checked by ESET NOD32 Antivirus. >>>>>>>>>> >>>>>>>>>> http://www.eset.com >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> __________ Information from ESET NOD32 Antivirus, version of virus >>>>>>>>> signature database 4703 (20091220) __________ >>>>>>>>> The message was checked by ESET NOD32 Antivirus. >>>>>>>>> >>>>>>>>> http://www.eset.com >>>>>>>> >>>>>>>> >>>>>>>> __________ Information from ESET NOD32 Antivirus, version of virus >>>>>>>> signature database 4704 (20091220) __________ >>>>>>>> >>>>>>>> The message was checked by ESET NOD32 Antivirus. >>>>>>>> >>>>>>>> http://www.eset.com >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> __________ Information from ESET NOD32 Antivirus, version of virus >>>>>>> signature database 4704 (20091220) __________ >>>>>>> The message was checked by ESET NOD32 Antivirus. >>>>>>> >>>>>>> http://www.eset.com >>>>>> >>>>>> >>>>>> __________ Information from ESET NOD32 Antivirus, version of virus >>>>>> signature database 4704 (20091220) __________ >>>>>> >>>>>> The message was checked by ESET NOD32 Antivirus. >>>>>> >>>>>> http://www.eset.com >>>>>> >>>>>> >>>>>> >>>>> >>>>> >>>>> >>>>> __________ Information from ESET NOD32 Antivirus, version of virus >>>>> signature database 4704 (20091220) __________ >>>>> The message was checked by ESET NOD32 Antivirus. >>>>> >>>>> http://www.eset.com >>>> >>>> . >>>> >>> >>> __________ Information from ESET NOD32 Antivirus, version of virus >>> signature database 4707 (20091221) __________ >>> >>> The message was checked by ESET NOD32 Antivirus. >>> >>> http://www.eset.com >>> >>> >>> >> >> >> >> __________ Information from ESET NOD32 Antivirus, version of virus >> signature database 4707 (20091221) __________ >> The message was checked by ESET NOD32 Antivirus. >> >> http://www.eset.com > > > __________ Information from ESET NOD32 Antivirus, version of virus > signature database 4707 (20091221) __________ > > The message was checked by ESET NOD32 Antivirus. > > http://www.eset.com > > > __________ Information from ESET NOD32 Antivirus, version of virus signature database 4707 (20091221) __________ The message was checked by ESET NOD32 Antivirus. http://www.eset.com
From: PA Bear [MS MVP] on 22 Dec 2009 12:03 I've asked my MVP colleague Michael Santovec to take a look at your thread. Hopefully he'll be posting a reply soon. Michael Feldbau wrote: > See answers next to the questions. > ------------------------------------------------- > "PA Bear [MS MVP]" <PABearMVP(a)gmail.com> wrote in message > news:%23KMll4tgKHA.2104(a)TK2MSFTNGP05.phx.gbl... >> OE Tools | Options | Read | Read all messages in plain text (checked or >> unchecked?) UNCHECKED >> >> OE Tools | Options | Security: Is OE running in Restricted Sites zone and >> are the "Do not download attachments..." and "Block images..." options >> both unchecked? I CLEARED BOTH, OE IS RUNNING IN RESTRICTED ZONE. >> DIDN'T HELP >> >> Michael Feldbau wrote: >>> Dear Robert, >>> >>> I have investigated the issue thoroughly and I wish to share my findings >>> with you. >>> 1. The raw signed message received is structured as follows: Header >>> part, >>> then one p7m attachment. (I know that, since another application of mine >>> is >>> generating those signed messages). >>> >>> 2. After the message is received in the Inbox, I performed File|Save As >>> (eml >>> format). Then I renamed the saved file to have the TXT suffix in order >>> to >>> review the raw message. >>> Surprisingly, no indication of the original format, i.e. the p7m >>> attachment >>> has been rplaced with the interpreted content of the p7m signed message, >>> that is with the unsigned internal message. >>> This means that when the raw signed message was received, the p7m >>> attachment >>> was interpreted, and the internal message (intended to be signed) was >>> extracted, and the signed envelope has been removed - and no evidence >>> thereof has been retained. >>> >>> Since this suddenly occured on 2 separate computers of mine, after I >>> have >>> been working with all versions of OE since version 4, this, to my >>> opinion >>> has been caused by a software update of MS. >>> >>> I would appreciate your assistance since i have many customers which >>> might >>> be affected by this problem. >>> >>> Regards, >>> Michael >>> >>> >>> --------------------------------------------------------------------------------- >>> "Michael Feldbau" <MichaelFeldbau(a)discussions.microsoft.com> wrote in >>> message news:91A97712-5EB3-4BCA-8315-C1E77578F078(a)microsoft.com... >>>> Just installed the November '09 root certificate update. >>>> Didn't help. >>>> >>>> Regards, >>>> Michael >>>> ------------------------------------------------- >>>> >>>> "PA Bear [MS MVP]" wrote: >>>> >>>>> I'd asked you to go to http://windowsupdate.microsoft.com, run a >>>>> CUSTOM >>>>> scan >>>>> for updates, check the Optional Software Updates category on the >>>>> left-hand >>>>> side to see if a Root Certificates update was offered, and then to >>>>> install >>>>> it if there was one. Did you do so? >>>>> >>>>> Michael Feldbau wrote: >>>>>> I have installed ALL 92 updates (except for SP3 and IE8). I can't >>>>>> remember >>>>>> if a root certificate update was among them. Would you like to check >>>>>> for >>>>>> some specific new CA which can indicate that the update has indeed >>>>>> been >>>>>> installed ? >>>>>> >>>>>>> Was a Root Certificates update available and did you install it? >>>>>>> >>>>>>> Michael Feldbau wrote: >>>>>>>> Thanks Robert. >>>>>>>> >>>>>>>> Nothing helped at this stage. >>>>>>>> The problem occures also on another computer of mine. >>>>>>>> Anything more that I can do? >>>>>>>> >>>>>>>>> 1. I wanted to see if installing the most recent Root Certificates >>>>>>>>> update >>>>>>>>> might resolve the behavior. In Vista and Win7, Root Certificates >>>>>>>>> updates >>>>>>>>> are installed automatically via Automatic Updates but WinXP users >>>>>>>>> must >>>>>>>>> check for & install them manually. (Root Certificates updates are >>>>>>>>> generally released every 3 months or so. The most recent update >>>>>>>>> became >>>>>>>>> available c. 24 Nov-09.) >>>>>>>>> >>>>>>>>> 2. I don't recommend installing Service Packs or IE upgrades via >>>>>>>>> Windows >>>>>>>>> Update/Automatic Updates. >>>>>>>>> >>>>>>>>> Michael Feldbau wrote: >>>>>>>>>> Thanks Robert for the detalied response. >>>>>>>>>> One small question just to avoid confusion: on one hand you >>>>>>>>>> urge me to install WIN XP SP3, but later you asked NOT to install >>>>>>>>>> SP3. >>>>>>>>>> Could you explain please...? >>>>>>>>>> >>>>>>>>>> I haven't installed IE8 nor SP3. >>>>>>>>>> The answer to all your question is YES. >>>>>>>>>> The problem persists. >>>>>>>>>> >>>>>>>>>> Strangely this happens on another computer of mine too. >>>>>>>>>> Some tech info might help: >>>>>>>>>> >>>>>>>>>> 1. The received message consists header part and one p7m >>>>>>>>>> attachment >>>>>>>>>> (signed >>>>>>>>>> message). I know that beause an application of mine generates >>>>>>>>>> these >>>>>>>>>> messages. >>>>>>>>>> >>>>>>>>>> 2. Previously OE treated the attachment as a secured message, and >>>>>>>>>> when >>>>>>>>>> performing File|Properties|Details - it provided a button "secure >>>>>>>>>> message >>>>>>>>>> source". If at this point you perform File|Save As (eml), the >>>>>>>>>> secure >>>>>>>>>> message >>>>>>>>>> is saved. >>>>>>>>>> Now this option is unavailable. OE automatically decrypts the >>>>>>>>>> secure >>>>>>>>>> message, identifies the message in the Inbox folder as a signed >>>>>>>>>> message, >>>>>>>>>> but >>>>>>>>>> when the message is opened, there's no indication of digital >>>>>>>>>> signature. >>>>>>>>>> Moreover, if you perform File|Save As (eml) - then the decrypted >>>>>>>>>> unsigned >>>>>>>>>> message is saved, as though the message was never signed. >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> Thanks again, >>>>>>>>>> Michael >>>>>>>>>> >>>>>>>>>> "PA Bear [MS MVP]" <PABearMVP(a)gmail.com> wrote in message >>>>>>>>>> news:OirHsSQgKHA.1112(a)TK2MSFTNGP04.phx.gbl... >>>>>>>>>>> 1. Please post to this newsgroup in Plain Text, Michael, >>>>>>>>>>> otherwise >>>>>>>>>>> your >>>>>>>>>>> right-to-left default makes it almost impossible to read your >>>>>>>>>>> messages. >>>>>>>>>>> Thanks. >>>>>>>>>>> >>>>>>>>>>> 2. Why isn't WinXP SP3 installed yet? >>>>>>>>>>> >>>>>>>>>>> Computers running WinXP SP2 will NOT be offered any further >>>>>>>>>>> critical >>>>>>>>>>> security updates, Automatic Updates will cease to function, and >>>>>>>>>>> Windows >>>>>>>>>>> Update website will not be available after 10 July 2010 until >>>>>>>>>>> SP3 >>>>>>>>>>> is >>>>>>>>>>> installed. >>>>>>>>>>> >>>>>>>>>>> 3a. Make sure your time, date, and time-zone settings are all >>>>>>>>>>> correct. >>>>>>>>>>> >>>>>>>>>>> 3b. Open Internet Explorer (only) to >>>>>>>>>>> http://update.microsoft.com/microsoftupdate | Select CUSTOM and >>>>>>>>>>> scan >>>>>>>>>>>> >>>>>>>>>>> Install any Critical Security Updates offered (e.g., KB976325). >>>>>>>>>>> If a >>>>>>>>>>> Root >>>>>>>>>>> Certificates update is listed in the Optional Software Updates >>>>>>>>>>> category >>>>>>>>>>> on >>>>>>>>>>> the left, install it to take full advantage of IE's enhanced >>>>>>>>>>> security. >>>>>>>>>>> >>>>>>>>>>> NB: Do NOT install SP3 or IE8! Hide both/either of them ("Don't >>>>>>>>>>> show >>>>>>>>>>> me >>>>>>>>>>> this update again") for now if necessary, please. >>>>>>>>>>> >>>>>>>>>>> Does the behavior persist now? >>>>>>>>>>> >>>>>>>>>>> OE Tools | Options | Security | Secure Mail | Advanced | Add >>>>>>>>>>> senders'certificates to my Address Book: Is this option >>>>>>>>>>> checked/enabled >>>>>>>>>>> and does your correspondents' entries in Address Book include >>>>>>>>>>> their >>>>>>>>>>> Digital IDs? >>>>>>>>>>> >>>>>>>>>>> OE Tools | Options | Security | Secure Mail | Advanced | >>>>>>>>>>> Revocation >>>>>>>>>>> Checking: Which option is checked/enabled here? >>>>>>>>>>> >>>>>>>>>>> -- >>>>>>>>>>> ~Robear Dyer (PA Bear) >>>>>>>>>>> MS MVP-IE, Mail, Security, Windows Client - since 2002 >>>>>>>>>>> www.banthecheck.com >>>>>>>>>>> >>>>>>>>>>> Michael Feldbau wrote: >>>>>>>>>>>> I am working with OE back from Ver.4. >>>>>>>>>>>> I have now OE V6 SP2. My OS is XP Pro SP2 >>>>>>>>>>>> I receive digitally signed messages on daily basis. In the >>>>>>>>>>>> Inbox >>>>>>>>>>>> folder >>>>>>>>>>>> it >>>>>>>>>>>> displays the red signature button. However when I open the >>>>>>>>>>>> messages >>>>>>>>>>>> it >>>>>>>>>>>> doesn't indicate that the message is signed. >>>>>>>>>>>> This began only recently (I suspect after I upgraded to IE 7). >>>>>>>>>>>> Beforehand, >>>>>>>>>>>> for many years it did indicate the red signature icon on open >>>>>>>>>>>> messages. >>>>>>>>>>>> >>>>>>>>>>>> Hence, I cannot perform signature verification at this point. >>>>>>>>>>>> >>>>>>>>>>>> Could anybody advise? >>>>>>>>>>>> >>>>>>>>>>>> Gratefuly, >>>>>>>>>>>> Michael >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> __________ Information from ESET NOD32 Antivirus, version of >>>>>>>>>>>> virus >>>>>>>>>>>> signature >>>>>>>>>>>> database 4702 (20091219) __________ >>>>>>>>>>>> >>>>>>>>>>>> The message was checked by ESET NOD32 Antivirus. >>>>>>>>>>>> >>>>>>>>>>>> http://www.eset.com >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> __________ Information from ESET NOD32 Antivirus, version of >>>>>>>>>>> virus >>>>>>>>>>> signature database 4702 (20091219) __________ >>>>>>>>>>> >>>>>>>>>>> The message was checked by ESET NOD32 Antivirus. >>>>>>>>>>> >>>>>>>>>>> http://www.eset.com >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> __________ Information from ESET NOD32 Antivirus, version of >>>>>>>>>> virus >>>>>>>>>> signature database 4703 (20091220) __________ >>>>>>>>>> The message was checked by ESET NOD32 Antivirus. >>>>>>>>>> >>>>>>>>>> http://www.eset.com >>>>>>>>> >>>>>>>>> >>>>>>>>> __________ Information from ESET NOD32 Antivirus, version of virus >>>>>>>>> signature database 4704 (20091220) __________ >>>>>>>>> >>>>>>>>> The message was checked by ESET NOD32 Antivirus. >>>>>>>>> >>>>>>>>> http://www.eset.com >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> __________ Information from ESET NOD32 Antivirus, version of virus >>>>>>>> signature database 4704 (20091220) __________ >>>>>>>> The message was checked by ESET NOD32 Antivirus. >>>>>>>> >>>>>>>> http://www.eset.com >>>>>>> >>>>>>> >>>>>>> __________ Information from ESET NOD32 Antivirus, version of virus >>>>>>> signature database 4704 (20091220) __________ >>>>>>> >>>>>>> The message was checked by ESET NOD32 Antivirus. >>>>>>> >>>>>>> http://www.eset.com >>>>>>> >>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> __________ Information from ESET NOD32 Antivirus, version of virus >>>>>> signature database 4704 (20091220) __________ >>>>>> The message was checked by ESET NOD32 Antivirus. >>>>>> >>>>>> http://www.eset.com >>>>> >>>>> . >>>>> >>>> >>>> __________ Information from ESET NOD32 Antivirus, version of virus >>>> signature database 4707 (20091221) __________ >>>> >>>> The message was checked by ESET NOD32 Antivirus. >>>> >>>> http://www.eset.com >>>> >>>> >>>> >>> >>> >>> >>> __________ Information from ESET NOD32 Antivirus, version of virus >>> signature database 4707 (20091221) __________ >>> The message was checked by ESET NOD32 Antivirus. >>> >>> http://www.eset.com >> >> >> __________ Information from ESET NOD32 Antivirus, version of virus >> signature database 4707 (20091221) __________ >> >> The message was checked by ESET NOD32 Antivirus. >> >> http://www.eset.com >> >> >> > > > > __________ Information from ESET NOD32 Antivirus, version of virus > signature database 4707 (20091221) __________ > The message was checked by ESET NOD32 Antivirus. > > http://www.eset.com
From: Michael Santovec on 22 Dec 2009 14:56 Unfortunately, I know very little about signed messages. They seem a lot more bother than they are worth. Since Microsoft hasn't made any updates to OE for ages, it's not likely that's responsible for the sudden changes. Although OE does use some system and IE DLL files, it possible that some changes there have affected OE's behavior. Other potential culprits would include anti-virus or anti-spam software that the messages pass through or some change at the mail service that receives the messages. -- Mike - http://TechHelp.Santovec.us "PA Bear [MS MVP]" <PABearMVP(a)gmail.com> wrote in message news:#i3k1lygKHA.3792(a)TK2MSFTNGP02.phx.gbl... > I've asked my MVP colleague Michael Santovec to take a look at your > thread. Hopefully he'll be posting a reply soon. > > Michael Feldbau wrote: >> See answers next to the questions. >> ------------------------------------------------- >> "PA Bear [MS MVP]" <PABearMVP(a)gmail.com> wrote in message >> news:%23KMll4tgKHA.2104(a)TK2MSFTNGP05.phx.gbl... >>> OE Tools | Options | Read | Read all messages in plain text (checked >>> or >>> unchecked?) UNCHECKED >>> >>> OE Tools | Options | Security: Is OE running in Restricted Sites >>> zone and >>> are the "Do not download attachments..." and "Block images..." >>> options >>> both unchecked? I CLEARED BOTH, OE IS RUNNING IN RESTRICTED ZONE. >>> DIDN'T HELP >>> >>> Michael Feldbau wrote: >>>> Dear Robert, >>>> >>>> I have investigated the issue thoroughly and I wish to share my >>>> findings >>>> with you. >>>> 1. The raw signed message received is structured as follows: Header >>>> part, >>>> then one p7m attachment. (I know that, since another application of >>>> mine >>>> is >>>> generating those signed messages). >>>> >>>> 2. After the message is received in the Inbox, I performed >>>> File|Save As >>>> (eml >>>> format). Then I renamed the saved file to have the TXT suffix in >>>> order to >>>> review the raw message. >>>> Surprisingly, no indication of the original format, i.e. the p7m >>>> attachment >>>> has been rplaced with the interpreted content of the p7m signed >>>> message, >>>> that is with the unsigned internal message. >>>> This means that when the raw signed message was received, the p7m >>>> attachment >>>> was interpreted, and the internal message (intended to be signed) >>>> was >>>> extracted, and the signed envelope has been removed - and no >>>> evidence >>>> thereof has been retained. >>>> >>>> Since this suddenly occured on 2 separate computers of mine, after >>>> I have >>>> been working with all versions of OE since version 4, this, to my >>>> opinion >>>> has been caused by a software update of MS. >>>> >>>> I would appreciate your assistance since i have many customers >>>> which >>>> might >>>> be affected by this problem. >>>> >>>> Regards, >>>> Michael >>>> >>>> >>>> --------------------------------------------------------------------------------- >>>> "Michael Feldbau" <MichaelFeldbau(a)discussions.microsoft.com> wrote >>>> in >>>> message news:91A97712-5EB3-4BCA-8315-C1E77578F078(a)microsoft.com... >>>>> Just installed the November '09 root certificate update. >>>>> Didn't help. >>>>> >>>>> Regards, >>>>> Michael >>>>> ------------------------------------------------- >>>>> >>>>> "PA Bear [MS MVP]" wrote: >>>>> >>>>>> I'd asked you to go to http://windowsupdate.microsoft.com, run a >>>>>> CUSTOM >>>>>> scan >>>>>> for updates, check the Optional Software Updates category on the >>>>>> left-hand >>>>>> side to see if a Root Certificates update was offered, and then >>>>>> to >>>>>> install >>>>>> it if there was one. Did you do so? >>>>>> >>>>>> Michael Feldbau wrote: >>>>>>> I have installed ALL 92 updates (except for SP3 and IE8). I >>>>>>> can't >>>>>>> remember >>>>>>> if a root certificate update was among them. Would you like to >>>>>>> check >>>>>>> for >>>>>>> some specific new CA which can indicate that the update has >>>>>>> indeed >>>>>>> been >>>>>>> installed ? >>>>>>> >>>>>>>> Was a Root Certificates update available and did you install >>>>>>>> it? >>>>>>>> >>>>>>>> Michael Feldbau wrote: >>>>>>>>> Thanks Robert. >>>>>>>>> >>>>>>>>> Nothing helped at this stage. >>>>>>>>> The problem occures also on another computer of mine. >>>>>>>>> Anything more that I can do? >>>>>>>>> >>>>>>>>>> 1. I wanted to see if installing the most recent Root >>>>>>>>>> Certificates >>>>>>>>>> update >>>>>>>>>> might resolve the behavior. In Vista and Win7, Root >>>>>>>>>> Certificates >>>>>>>>>> updates >>>>>>>>>> are installed automatically via Automatic Updates but WinXP >>>>>>>>>> users >>>>>>>>>> must >>>>>>>>>> check for & install them manually. (Root Certificates >>>>>>>>>> updates are >>>>>>>>>> generally released every 3 months or so. The most recent >>>>>>>>>> update >>>>>>>>>> became >>>>>>>>>> available c. 24 Nov-09.) >>>>>>>>>> >>>>>>>>>> 2. I don't recommend installing Service Packs or IE upgrades >>>>>>>>>> via >>>>>>>>>> Windows >>>>>>>>>> Update/Automatic Updates. >>>>>>>>>> >>>>>>>>>> Michael Feldbau wrote: >>>>>>>>>>> Thanks Robert for the detalied response. >>>>>>>>>>> One small question just to avoid confusion: on one hand you >>>>>>>>>>> urge me to install WIN XP SP3, but later you asked NOT to >>>>>>>>>>> install >>>>>>>>>>> SP3. >>>>>>>>>>> Could you explain please...? >>>>>>>>>>> >>>>>>>>>>> I haven't installed IE8 nor SP3. >>>>>>>>>>> The answer to all your question is YES. >>>>>>>>>>> The problem persists. >>>>>>>>>>> >>>>>>>>>>> Strangely this happens on another computer of mine too. >>>>>>>>>>> Some tech info might help: >>>>>>>>>>> >>>>>>>>>>> 1. The received message consists header part and one p7m >>>>>>>>>>> attachment >>>>>>>>>>> (signed >>>>>>>>>>> message). I know that beause an application of mine >>>>>>>>>>> generates >>>>>>>>>>> these >>>>>>>>>>> messages. >>>>>>>>>>> >>>>>>>>>>> 2. Previously OE treated the attachment as a secured >>>>>>>>>>> message, and >>>>>>>>>>> when >>>>>>>>>>> performing File|Properties|Details - it provided a button >>>>>>>>>>> "secure >>>>>>>>>>> message >>>>>>>>>>> source". If at this point you perform File|Save As (eml), >>>>>>>>>>> the >>>>>>>>>>> secure >>>>>>>>>>> message >>>>>>>>>>> is saved. >>>>>>>>>>> Now this option is unavailable. OE automatically decrypts >>>>>>>>>>> the >>>>>>>>>>> secure >>>>>>>>>>> message, identifies the message in the Inbox folder as a >>>>>>>>>>> signed >>>>>>>>>>> message, >>>>>>>>>>> but >>>>>>>>>>> when the message is opened, there's no indication of digital >>>>>>>>>>> signature. >>>>>>>>>>> Moreover, if you perform File|Save As (eml) - then the >>>>>>>>>>> decrypted >>>>>>>>>>> unsigned >>>>>>>>>>> message is saved, as though the message was never signed. >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> Thanks again, >>>>>>>>>>> Michael >>>>>>>>>>> >>>>>>>>>>> "PA Bear [MS MVP]" <PABearMVP(a)gmail.com> wrote in message >>>>>>>>>>> news:OirHsSQgKHA.1112(a)TK2MSFTNGP04.phx.gbl... >>>>>>>>>>>> 1. Please post to this newsgroup in Plain Text, Michael, >>>>>>>>>>>> otherwise >>>>>>>>>>>> your >>>>>>>>>>>> right-to-left default makes it almost impossible to read >>>>>>>>>>>> your >>>>>>>>>>>> messages. >>>>>>>>>>>> Thanks. >>>>>>>>>>>> >>>>>>>>>>>> 2. Why isn't WinXP SP3 installed yet? >>>>>>>>>>>> >>>>>>>>>>>> Computers running WinXP SP2 will NOT be offered any further >>>>>>>>>>>> critical >>>>>>>>>>>> security updates, Automatic Updates will cease to function, >>>>>>>>>>>> and >>>>>>>>>>>> Windows >>>>>>>>>>>> Update website will not be available after 10 July 2010 >>>>>>>>>>>> until SP3 >>>>>>>>>>>> is >>>>>>>>>>>> installed. >>>>>>>>>>>> >>>>>>>>>>>> 3a. Make sure your time, date, and time-zone settings are >>>>>>>>>>>> all >>>>>>>>>>>> correct. >>>>>>>>>>>> >>>>>>>>>>>> 3b. Open Internet Explorer (only) to >>>>>>>>>>>> http://update.microsoft.com/microsoftupdate | Select CUSTOM >>>>>>>>>>>> and >>>>>>>>>>>> scan >>>>>>>>>>>>> >>>>>>>>>>>> Install any Critical Security Updates offered (e.g., >>>>>>>>>>>> KB976325). >>>>>>>>>>>> If a >>>>>>>>>>>> Root >>>>>>>>>>>> Certificates update is listed in the Optional Software >>>>>>>>>>>> Updates >>>>>>>>>>>> category >>>>>>>>>>>> on >>>>>>>>>>>> the left, install it to take full advantage of IE's >>>>>>>>>>>> enhanced >>>>>>>>>>>> security. >>>>>>>>>>>> >>>>>>>>>>>> NB: Do NOT install SP3 or IE8! Hide both/either of them >>>>>>>>>>>> ("Don't >>>>>>>>>>>> show >>>>>>>>>>>> me >>>>>>>>>>>> this update again") for now if necessary, please. >>>>>>>>>>>> >>>>>>>>>>>> Does the behavior persist now? >>>>>>>>>>>> >>>>>>>>>>>> OE Tools | Options | Security | Secure Mail | Advanced | >>>>>>>>>>>> Add >>>>>>>>>>>> senders'certificates to my Address Book: Is this option >>>>>>>>>>>> checked/enabled >>>>>>>>>>>> and does your correspondents' entries in Address Book >>>>>>>>>>>> include >>>>>>>>>>>> their >>>>>>>>>>>> Digital IDs? >>>>>>>>>>>> >>>>>>>>>>>> OE Tools | Options | Security | Secure Mail | Advanced | >>>>>>>>>>>> Revocation >>>>>>>>>>>> Checking: Which option is checked/enabled here? >>>>>>>>>>>> >>>>>>>>>>>> -- >>>>>>>>>>>> ~Robear Dyer (PA Bear) >>>>>>>>>>>> MS MVP-IE, Mail, Security, Windows Client - since 2002 >>>>>>>>>>>> www.banthecheck.com >>>>>>>>>>>> >>>>>>>>>>>> Michael Feldbau wrote: >>>>>>>>>>>>> I am working with OE back from Ver.4. >>>>>>>>>>>>> I have now OE V6 SP2. My OS is XP Pro SP2 >>>>>>>>>>>>> I receive digitally signed messages on daily basis. In the >>>>>>>>>>>>> Inbox >>>>>>>>>>>>> folder >>>>>>>>>>>>> it >>>>>>>>>>>>> displays the red signature button. However when I open the >>>>>>>>>>>>> messages >>>>>>>>>>>>> it >>>>>>>>>>>>> doesn't indicate that the message is signed. >>>>>>>>>>>>> This began only recently (I suspect after I upgraded to IE >>>>>>>>>>>>> 7). >>>>>>>>>>>>> Beforehand, >>>>>>>>>>>>> for many years it did indicate the red signature icon on >>>>>>>>>>>>> open >>>>>>>>>>>>> messages. >>>>>>>>>>>>> >>>>>>>>>>>>> Hence, I cannot perform signature verification at this >>>>>>>>>>>>> point. >>>>>>>>>>>>> >>>>>>>>>>>>> Could anybody advise? >>>>>>>>>>>>> >>>>>>>>>>>>> Gratefuly, >>>>>>>>>>>>> Michael >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> __________ Information from ESET NOD32 Antivirus, version >>>>>>>>>>>>> of >>>>>>>>>>>>> virus >>>>>>>>>>>>> signature >>>>>>>>>>>>> database 4702 (20091219) __________ >>>>>>>>>>>>> >>>>>>>>>>>>> The message was checked by ESET NOD32 Antivirus. >>>>>>>>>>>>> >>>>>>>>>>>>> http://www.eset.com >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> __________ Information from ESET NOD32 Antivirus, version >>>>>>>>>>>> of >>>>>>>>>>>> virus >>>>>>>>>>>> signature database 4702 (20091219) __________ >>>>>>>>>>>> >>>>>>>>>>>> The message was checked by ESET NOD32 Antivirus. >>>>>>>>>>>> >>>>>>>>>>>> http://www.eset.com >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> __________ Information from ESET NOD32 Antivirus, version of >>>>>>>>>>> virus >>>>>>>>>>> signature database 4703 (20091220) __________ >>>>>>>>>>> The message was checked by ESET NOD32 Antivirus. >>>>>>>>>>> >>>>>>>>>>> http://www.eset.com >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> __________ Information from ESET NOD32 Antivirus, version of >>>>>>>>>> virus >>>>>>>>>> signature database 4704 (20091220) __________ >>>>>>>>>> >>>>>>>>>> The message was checked by ESET NOD32 Antivirus. >>>>>>>>>> >>>>>>>>>> http://www.eset.com >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> __________ Information from ESET NOD32 Antivirus, version of >>>>>>>>> virus >>>>>>>>> signature database 4704 (20091220) __________ >>>>>>>>> The message was checked by ESET NOD32 Antivirus. >>>>>>>>> >>>>>>>>> http://www.eset.com >>>>>>>> >>>>>>>> >>>>>>>> __________ Information from ESET NOD32 Antivirus, version of >>>>>>>> virus >>>>>>>> signature database 4704 (20091220) __________ >>>>>>>> >>>>>>>> The message was checked by ESET NOD32 Antivirus. >>>>>>>> >>>>>>>> http://www.eset.com >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> __________ Information from ESET NOD32 Antivirus, version of >>>>>>> virus >>>>>>> signature database 4704 (20091220) __________ >>>>>>> The message was checked by ESET NOD32 Antivirus. >>>>>>> >>>>>>> http://www.eset.com >>>>>> >>>>>> . >>>>>> >>>>> >>>>> __________ Information from ESET NOD32 Antivirus, version of virus >>>>> signature database 4707 (20091221) __________ >>>>> >>>>> The message was checked by ESET NOD32 Antivirus. >>>>> >>>>> http://www.eset.com >>>>> >>>>> >>>>> >>>> >>>> >>>> >>>> __________ Information from ESET NOD32 Antivirus, version of virus >>>> signature database 4707 (20091221) __________ >>>> The message was checked by ESET NOD32 Antivirus. >>>> >>>> http://www.eset.com >>> >>> >>> __________ Information from ESET NOD32 Antivirus, version of virus >>> signature database 4707 (20091221) __________ >>> >>> The message was checked by ESET NOD32 Antivirus. >>> >>> http://www.eset.com >>> >>> >>> >> >> >> >> __________ Information from ESET NOD32 Antivirus, version of virus >> signature database 4707 (20091221) __________ >> The message was checked by ESET NOD32 Antivirus. >> >> http://www.eset.com >
From: PA Bear [MS MVP] on 22 Dec 2009 22:47
[Thanks, Mike!] Michael Santovec wrote: > Unfortunately, I know very little about signed messages. They seem a > lot more bother than they are worth. > > Since Microsoft hasn't made any updates to OE for ages, it's not likely > that's responsible for the sudden changes. > > Although OE does use some system and IE DLL files, it possible that some > changes there have affected OE's behavior. > > Other potential culprits would include anti-virus or anti-spam software > that the messages pass through or some change at the mail service that > receives the messages. > > > "PA Bear [MS MVP]" <PABearMVP(a)gmail.com> wrote in message > news:#i3k1lygKHA.3792(a)TK2MSFTNGP02.phx.gbl... >> I've asked my MVP colleague Michael Santovec to take a look at your >> thread. Hopefully he'll be posting a reply soon. >> >> Michael Feldbau wrote: >>> See answers next to the questions. >>> ------------------------------------------------- >>> "PA Bear [MS MVP]" <PABearMVP(a)gmail.com> wrote in message >>> news:%23KMll4tgKHA.2104(a)TK2MSFTNGP05.phx.gbl... >>>> OE Tools | Options | Read | Read all messages in plain text (checked >>>> or >>>> unchecked?) UNCHECKED >>>> >>>> OE Tools | Options | Security: Is OE running in Restricted Sites >>>> zone and >>>> are the "Do not download attachments..." and "Block images..." >>>> options >>>> both unchecked? I CLEARED BOTH, OE IS RUNNING IN RESTRICTED ZONE. >>>> DIDN'T HELP >>>> >>>> Michael Feldbau wrote: >>>>> Dear Robert, >>>>> >>>>> I have investigated the issue thoroughly and I wish to share my >>>>> findings >>>>> with you. >>>>> 1. The raw signed message received is structured as follows: Header >>>>> part, >>>>> then one p7m attachment. (I know that, since another application of >>>>> mine >>>>> is >>>>> generating those signed messages). >>>>> >>>>> 2. After the message is received in the Inbox, I performed >>>>> File|Save As >>>>> (eml >>>>> format). Then I renamed the saved file to have the TXT suffix in >>>>> order to >>>>> review the raw message. >>>>> Surprisingly, no indication of the original format, i.e. the p7m >>>>> attachment >>>>> has been rplaced with the interpreted content of the p7m signed >>>>> message, >>>>> that is with the unsigned internal message. >>>>> This means that when the raw signed message was received, the p7m >>>>> attachment >>>>> was interpreted, and the internal message (intended to be signed) >>>>> was >>>>> extracted, and the signed envelope has been removed - and no >>>>> evidence >>>>> thereof has been retained. >>>>> >>>>> Since this suddenly occured on 2 separate computers of mine, after >>>>> I have >>>>> been working with all versions of OE since version 4, this, to my >>>>> opinion >>>>> has been caused by a software update of MS. >>>>> >>>>> I would appreciate your assistance since i have many customers >>>>> which >>>>> might >>>>> be affected by this problem. >>>>> >>>>> Regards, >>>>> Michael >>>>> >>>>> >>>>> --------------------------------------------------------------------------------- >>>>> "Michael Feldbau" <MichaelFeldbau(a)discussions.microsoft.com> wrote >>>>> in >>>>> message news:91A97712-5EB3-4BCA-8315-C1E77578F078(a)microsoft.com... >>>>>> Just installed the November '09 root certificate update. >>>>>> Didn't help. >>>>>> >>>>>> Regards, >>>>>> Michael >>>>>> ------------------------------------------------- >>>>>> >>>>>> "PA Bear [MS MVP]" wrote: >>>>>> >>>>>>> I'd asked you to go to http://windowsupdate.microsoft.com, run a >>>>>>> CUSTOM >>>>>>> scan >>>>>>> for updates, check the Optional Software Updates category on the >>>>>>> left-hand >>>>>>> side to see if a Root Certificates update was offered, and then >>>>>>> to >>>>>>> install >>>>>>> it if there was one. Did you do so? >>>>>>> >>>>>>> Michael Feldbau wrote: >>>>>>>> I have installed ALL 92 updates (except for SP3 and IE8). I >>>>>>>> can't >>>>>>>> remember >>>>>>>> if a root certificate update was among them. Would you like to >>>>>>>> check >>>>>>>> for >>>>>>>> some specific new CA which can indicate that the update has >>>>>>>> indeed >>>>>>>> been >>>>>>>> installed ? >>>>>>>> >>>>>>>>> Was a Root Certificates update available and did you install >>>>>>>>> it? >>>>>>>>> >>>>>>>>> Michael Feldbau wrote: >>>>>>>>>> Thanks Robert. >>>>>>>>>> >>>>>>>>>> Nothing helped at this stage. >>>>>>>>>> The problem occures also on another computer of mine. >>>>>>>>>> Anything more that I can do? >>>>>>>>>> >>>>>>>>>>> 1. I wanted to see if installing the most recent Root >>>>>>>>>>> Certificates >>>>>>>>>>> update >>>>>>>>>>> might resolve the behavior. In Vista and Win7, Root >>>>>>>>>>> Certificates >>>>>>>>>>> updates >>>>>>>>>>> are installed automatically via Automatic Updates but WinXP >>>>>>>>>>> users >>>>>>>>>>> must >>>>>>>>>>> check for & install them manually. (Root Certificates >>>>>>>>>>> updates are >>>>>>>>>>> generally released every 3 months or so. The most recent >>>>>>>>>>> update >>>>>>>>>>> became >>>>>>>>>>> available c. 24 Nov-09.) >>>>>>>>>>> >>>>>>>>>>> 2. I don't recommend installing Service Packs or IE upgrades >>>>>>>>>>> via >>>>>>>>>>> Windows >>>>>>>>>>> Update/Automatic Updates. >>>>>>>>>>> >>>>>>>>>>> Michael Feldbau wrote: >>>>>>>>>>>> Thanks Robert for the detalied response. >>>>>>>>>>>> One small question just to avoid confusion: on one hand you >>>>>>>>>>>> urge me to install WIN XP SP3, but later you asked NOT to >>>>>>>>>>>> install >>>>>>>>>>>> SP3. >>>>>>>>>>>> Could you explain please...? >>>>>>>>>>>> >>>>>>>>>>>> I haven't installed IE8 nor SP3. >>>>>>>>>>>> The answer to all your question is YES. >>>>>>>>>>>> The problem persists. >>>>>>>>>>>> >>>>>>>>>>>> Strangely this happens on another computer of mine too. >>>>>>>>>>>> Some tech info might help: >>>>>>>>>>>> >>>>>>>>>>>> 1. The received message consists header part and one p7m >>>>>>>>>>>> attachment >>>>>>>>>>>> (signed >>>>>>>>>>>> message). I know that beause an application of mine >>>>>>>>>>>> generates >>>>>>>>>>>> these >>>>>>>>>>>> messages. >>>>>>>>>>>> >>>>>>>>>>>> 2. Previously OE treated the attachment as a secured >>>>>>>>>>>> message, and >>>>>>>>>>>> when >>>>>>>>>>>> performing File|Properties|Details - it provided a button >>>>>>>>>>>> "secure >>>>>>>>>>>> message >>>>>>>>>>>> source". If at this point you perform File|Save As (eml), >>>>>>>>>>>> the >>>>>>>>>>>> secure >>>>>>>>>>>> message >>>>>>>>>>>> is saved. >>>>>>>>>>>> Now this option is unavailable. OE automatically decrypts >>>>>>>>>>>> the >>>>>>>>>>>> secure >>>>>>>>>>>> message, identifies the message in the Inbox folder as a >>>>>>>>>>>> signed >>>>>>>>>>>> message, >>>>>>>>>>>> but >>>>>>>>>>>> when the message is opened, there's no indication of digital >>>>>>>>>>>> signature. >>>>>>>>>>>> Moreover, if you perform File|Save As (eml) - then the >>>>>>>>>>>> decrypted >>>>>>>>>>>> unsigned >>>>>>>>>>>> message is saved, as though the message was never signed. >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> Thanks again, >>>>>>>>>>>> Michael >>>>>>>>>>>> >>>>>>>>>>>> "PA Bear [MS MVP]" <PABearMVP(a)gmail.com> wrote in message >>>>>>>>>>>> news:OirHsSQgKHA.1112(a)TK2MSFTNGP04.phx.gbl... >>>>>>>>>>>>> 1. Please post to this newsgroup in Plain Text, Michael, >>>>>>>>>>>>> otherwise >>>>>>>>>>>>> your >>>>>>>>>>>>> right-to-left default makes it almost impossible to read >>>>>>>>>>>>> your >>>>>>>>>>>>> messages. >>>>>>>>>>>>> Thanks. >>>>>>>>>>>>> >>>>>>>>>>>>> 2. Why isn't WinXP SP3 installed yet? >>>>>>>>>>>>> >>>>>>>>>>>>> Computers running WinXP SP2 will NOT be offered any further >>>>>>>>>>>>> critical >>>>>>>>>>>>> security updates, Automatic Updates will cease to function, >>>>>>>>>>>>> and >>>>>>>>>>>>> Windows >>>>>>>>>>>>> Update website will not be available after 10 July 2010 >>>>>>>>>>>>> until SP3 >>>>>>>>>>>>> is >>>>>>>>>>>>> installed. >>>>>>>>>>>>> >>>>>>>>>>>>> 3a. Make sure your time, date, and time-zone settings are >>>>>>>>>>>>> all >>>>>>>>>>>>> correct. >>>>>>>>>>>>> >>>>>>>>>>>>> 3b. Open Internet Explorer (only) to >>>>>>>>>>>>> http://update.microsoft.com/microsoftupdate | Select CUSTOM >>>>>>>>>>>>> and >>>>>>>>>>>>> scan >>>>>>>>>>>>>> >>>>>>>>>>>>> Install any Critical Security Updates offered (e.g., >>>>>>>>>>>>> KB976325). >>>>>>>>>>>>> If a >>>>>>>>>>>>> Root >>>>>>>>>>>>> Certificates update is listed in the Optional Software >>>>>>>>>>>>> Updates >>>>>>>>>>>>> category >>>>>>>>>>>>> on >>>>>>>>>>>>> the left, install it to take full advantage of IE's >>>>>>>>>>>>> enhanced >>>>>>>>>>>>> security. >>>>>>>>>>>>> >>>>>>>>>>>>> NB: Do NOT install SP3 or IE8! Hide both/either of them >>>>>>>>>>>>> ("Don't >>>>>>>>>>>>> show >>>>>>>>>>>>> me >>>>>>>>>>>>> this update again") for now if necessary, please. >>>>>>>>>>>>> >>>>>>>>>>>>> Does the behavior persist now? >>>>>>>>>>>>> >>>>>>>>>>>>> OE Tools | Options | Security | Secure Mail | Advanced | >>>>>>>>>>>>> Add >>>>>>>>>>>>> senders'certificates to my Address Book: Is this option >>>>>>>>>>>>> checked/enabled >>>>>>>>>>>>> and does your correspondents' entries in Address Book >>>>>>>>>>>>> include >>>>>>>>>>>>> their >>>>>>>>>>>>> Digital IDs? >>>>>>>>>>>>> >>>>>>>>>>>>> OE Tools | Options | Security | Secure Mail | Advanced | >>>>>>>>>>>>> Revocation >>>>>>>>>>>>> Checking: Which option is checked/enabled here? >>>>>>>>>>>>> >>>>>>>>>>>>> -- >>>>>>>>>>>>> ~Robear Dyer (PA Bear) >>>>>>>>>>>>> MS MVP-IE, Mail, Security, Windows Client - since 2002 >>>>>>>>>>>>> www.banthecheck.com >>>>>>>>>>>>> >>>>>>>>>>>>> Michael Feldbau wrote: >>>>>>>>>>>>>> I am working with OE back from Ver.4. >>>>>>>>>>>>>> I have now OE V6 SP2. My OS is XP Pro SP2 >>>>>>>>>>>>>> I receive digitally signed messages on daily basis. In the >>>>>>>>>>>>>> Inbox >>>>>>>>>>>>>> folder >>>>>>>>>>>>>> it >>>>>>>>>>>>>> displays the red signature button. However when I open the >>>>>>>>>>>>>> messages >>>>>>>>>>>>>> it >>>>>>>>>>>>>> doesn't indicate that the message is signed. >>>>>>>>>>>>>> This began only recently (I suspect after I upgraded to IE >>>>>>>>>>>>>> 7). >>>>>>>>>>>>>> Beforehand, >>>>>>>>>>>>>> for many years it did indicate the red signature icon on >>>>>>>>>>>>>> open >>>>>>>>>>>>>> messages. >>>>>>>>>>>>>> >>>>>>>>>>>>>> Hence, I cannot perform signature verification at this >>>>>>>>>>>>>> point. >>>>>>>>>>>>>> >>>>>>>>>>>>>> Could anybody advise? >>>>>>>>>>>>>> >>>>>>>>>>>>>> Gratefuly, >>>>>>>>>>>>>> Michael >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> __________ Information from ESET NOD32 Antivirus, version >>>>>>>>>>>>>> of >>>>>>>>>>>>>> virus >>>>>>>>>>>>>> signature >>>>>>>>>>>>>> database 4702 (20091219) __________ >>>>>>>>>>>>>> >>>>>>>>>>>>>> The message was checked by ESET NOD32 Antivirus. >>>>>>>>>>>>>> >>>>>>>>>>>>>> http://www.eset.com >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> __________ Information from ESET NOD32 Antivirus, version >>>>>>>>>>>>> of >>>>>>>>>>>>> virus >>>>>>>>>>>>> signature database 4702 (20091219) __________ >>>>>>>>>>>>> >>>>>>>>>>>>> The message was checked by ESET NOD32 Antivirus. >>>>>>>>>>>>> >>>>>>>>>>>>> http://www.eset.com >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> __________ Information from ESET NOD32 Antivirus, version of >>>>>>>>>>>> virus >>>>>>>>>>>> signature database 4703 (20091220) __________ >>>>>>>>>>>> The message was checked by ESET NOD32 Antivirus. >>>>>>>>>>>> >>>>>>>>>>>> http://www.eset.com >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> __________ Information from ESET NOD32 Antivirus, version of >>>>>>>>>>> virus >>>>>>>>>>> signature database 4704 (20091220) __________ >>>>>>>>>>> >>>>>>>>>>> The message was checked by ESET NOD32 Antivirus. >>>>>>>>>>> >>>>>>>>>>> http://www.eset.com >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> __________ Information from ESET NOD32 Antivirus, version of >>>>>>>>>> virus >>>>>>>>>> signature database 4704 (20091220) __________ >>>>>>>>>> The message was checked by ESET NOD32 Antivirus. >>>>>>>>>> >>>>>>>>>> http://www.eset.com >>>>>>>>> >>>>>>>>> >>>>>>>>> __________ Information from ESET NOD32 Antivirus, version of >>>>>>>>> virus >>>>>>>>> signature database 4704 (20091220) __________ >>>>>>>>> >>>>>>>>> The message was checked by ESET NOD32 Antivirus. >>>>>>>>> >>>>>>>>> http://www.eset.com >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> __________ Information from ESET NOD32 Antivirus, version of >>>>>>>> virus >>>>>>>> signature database 4704 (20091220) __________ >>>>>>>> The message was checked by ESET NOD32 Antivirus. >>>>>>>> >>>>>>>> http://www.eset.com >>>>>>> >>>>>>> . >>>>>>> >>>>>> >>>>>> __________ Information from ESET NOD32 Antivirus, version of virus >>>>>> signature database 4707 (20091221) __________ >>>>>> >>>>>> The message was checked by ESET NOD32 Antivirus. >>>>>> >>>>>> http://www.eset.com >>>>>> >>>>>> >>>>>> >>>>> >>>>> >>>>> >>>>> __________ Information from ESET NOD32 Antivirus, version of virus >>>>> signature database 4707 (20091221) __________ >>>>> The message was checked by ESET NOD32 Antivirus. >>>>> >>>>> http://www.eset.com >>>> >>>> >>>> __________ Information from ESET NOD32 Antivirus, version of virus >>>> signature database 4707 (20091221) __________ >>>> >>>> The message was checked by ESET NOD32 Antivirus. >>>> >>>> http://www.eset.com >>>> >>>> >>>> >>> >>> >>> >>> __________ Information from ESET NOD32 Antivirus, version of virus >>> signature database 4707 (20091221) __________ >>> The message was checked by ESET NOD32 Antivirus. >>> >>> http://www.eset.com |