Digitally Signed messages cannot be verified
in [Outlook Express]
|
Prev: ghghgh
Next: OE sent file folder
From: Michael Feldbau on 22 Dec 2009 23:49 Thanks Robert and Mike. You have been most cooperative. Regards, Michael ------------------------------------------------------------- "PA Bear [MS MVP]" wrote: > [Thanks, Mike!] > > Michael Santovec wrote: > > Unfortunately, I know very little about signed messages. They seem a > > lot more bother than they are worth. > > > > Since Microsoft hasn't made any updates to OE for ages, it's not likely > > that's responsible for the sudden changes. > > > > Although OE does use some system and IE DLL files, it possible that some > > changes there have affected OE's behavior. > > > > Other potential culprits would include anti-virus or anti-spam software > > that the messages pass through or some change at the mail service that > > receives the messages. > > > > > > "PA Bear [MS MVP]" <PABearMVP(a)gmail.com> wrote in message > > news:#i3k1lygKHA.3792(a)TK2MSFTNGP02.phx.gbl... > >> I've asked my MVP colleague Michael Santovec to take a look at your > >> thread. Hopefully he'll be posting a reply soon. > >> > >> Michael Feldbau wrote: > >>> See answers next to the questions. > >>> ------------------------------------------------- > >>> "PA Bear [MS MVP]" <PABearMVP(a)gmail.com> wrote in message > >>> news:%23KMll4tgKHA.2104(a)TK2MSFTNGP05.phx.gbl... > >>>> OE Tools | Options | Read | Read all messages in plain text (checked > >>>> or > >>>> unchecked?) UNCHECKED > >>>> > >>>> OE Tools | Options | Security: Is OE running in Restricted Sites > >>>> zone and > >>>> are the "Do not download attachments..." and "Block images..." > >>>> options > >>>> both unchecked? I CLEARED BOTH, OE IS RUNNING IN RESTRICTED ZONE. > >>>> DIDN'T HELP > >>>> > >>>> Michael Feldbau wrote: > >>>>> Dear Robert, > >>>>> > >>>>> I have investigated the issue thoroughly and I wish to share my > >>>>> findings > >>>>> with you. > >>>>> 1. The raw signed message received is structured as follows: Header > >>>>> part, > >>>>> then one p7m attachment. (I know that, since another application of > >>>>> mine > >>>>> is > >>>>> generating those signed messages). > >>>>> > >>>>> 2. After the message is received in the Inbox, I performed > >>>>> File|Save As > >>>>> (eml > >>>>> format). Then I renamed the saved file to have the TXT suffix in > >>>>> order to > >>>>> review the raw message. > >>>>> Surprisingly, no indication of the original format, i.e. the p7m > >>>>> attachment > >>>>> has been rplaced with the interpreted content of the p7m signed > >>>>> message, > >>>>> that is with the unsigned internal message. > >>>>> This means that when the raw signed message was received, the p7m > >>>>> attachment > >>>>> was interpreted, and the internal message (intended to be signed) > >>>>> was > >>>>> extracted, and the signed envelope has been removed - and no > >>>>> evidence > >>>>> thereof has been retained. > >>>>> > >>>>> Since this suddenly occured on 2 separate computers of mine, after > >>>>> I have > >>>>> been working with all versions of OE since version 4, this, to my > >>>>> opinion > >>>>> has been caused by a software update of MS. > >>>>> > >>>>> I would appreciate your assistance since i have many customers > >>>>> which > >>>>> might > >>>>> be affected by this problem. > >>>>> > >>>>> Regards, > >>>>> Michael > >>>>> > >>>>> > >>>>> --------------------------------------------------------------------------------- > >>>>> "Michael Feldbau" <MichaelFeldbau(a)discussions.microsoft.com> wrote > >>>>> in > >>>>> message news:91A97712-5EB3-4BCA-8315-C1E77578F078(a)microsoft.com... > >>>>>> Just installed the November '09 root certificate update. > >>>>>> Didn't help. > >>>>>> > >>>>>> Regards, > >>>>>> Michael > >>>>>> ------------------------------------------------- > >>>>>> > >>>>>> "PA Bear [MS MVP]" wrote: > >>>>>> > >>>>>>> I'd asked you to go to http://windowsupdate.microsoft.com, run a > >>>>>>> CUSTOM > >>>>>>> scan > >>>>>>> for updates, check the Optional Software Updates category on the > >>>>>>> left-hand > >>>>>>> side to see if a Root Certificates update was offered, and then > >>>>>>> to > >>>>>>> install > >>>>>>> it if there was one. Did you do so? > >>>>>>> > >>>>>>> Michael Feldbau wrote: > >>>>>>>> I have installed ALL 92 updates (except for SP3 and IE8). I > >>>>>>>> can't > >>>>>>>> remember > >>>>>>>> if a root certificate update was among them. Would you like to > >>>>>>>> check > >>>>>>>> for > >>>>>>>> some specific new CA which can indicate that the update has > >>>>>>>> indeed > >>>>>>>> been > >>>>>>>> installed ? > >>>>>>>> > >>>>>>>>> Was a Root Certificates update available and did you install > >>>>>>>>> it? > >>>>>>>>> > >>>>>>>>> Michael Feldbau wrote: > >>>>>>>>>> Thanks Robert. > >>>>>>>>>> > >>>>>>>>>> Nothing helped at this stage. > >>>>>>>>>> The problem occures also on another computer of mine. > >>>>>>>>>> Anything more that I can do? > >>>>>>>>>> > >>>>>>>>>>> 1. I wanted to see if installing the most recent Root > >>>>>>>>>>> Certificates > >>>>>>>>>>> update > >>>>>>>>>>> might resolve the behavior. In Vista and Win7, Root > >>>>>>>>>>> Certificates > >>>>>>>>>>> updates > >>>>>>>>>>> are installed automatically via Automatic Updates but WinXP > >>>>>>>>>>> users > >>>>>>>>>>> must > >>>>>>>>>>> check for & install them manually. (Root Certificates > >>>>>>>>>>> updates are > >>>>>>>>>>> generally released every 3 months or so. The most recent > >>>>>>>>>>> update > >>>>>>>>>>> became > >>>>>>>>>>> available c. 24 Nov-09.) > >>>>>>>>>>> > >>>>>>>>>>> 2. I don't recommend installing Service Packs or IE upgrades > >>>>>>>>>>> via > >>>>>>>>>>> Windows > >>>>>>>>>>> Update/Automatic Updates. > >>>>>>>>>>> > >>>>>>>>>>> Michael Feldbau wrote: > >>>>>>>>>>>> Thanks Robert for the detalied response. > >>>>>>>>>>>> One small question just to avoid confusion: on one hand you > >>>>>>>>>>>> urge me to install WIN XP SP3, but later you asked NOT to > >>>>>>>>>>>> install > >>>>>>>>>>>> SP3. > >>>>>>>>>>>> Could you explain please...? > >>>>>>>>>>>> > >>>>>>>>>>>> I haven't installed IE8 nor SP3. > >>>>>>>>>>>> The answer to all your question is YES. > >>>>>>>>>>>> The problem persists. > >>>>>>>>>>>> > >>>>>>>>>>>> Strangely this happens on another computer of mine too. > >>>>>>>>>>>> Some tech info might help: > >>>>>>>>>>>> > >>>>>>>>>>>> 1. The received message consists header part and one p7m > >>>>>>>>>>>> attachment > >>>>>>>>>>>> (signed > >>>>>>>>>>>> message). I know that beause an application of mine > >>>>>>>>>>>> generates > >>>>>>>>>>>> these > >>>>>>>>>>>> messages. > >>>>>>>>>>>> > >>>>>>>>>>>> 2. Previously OE treated the attachment as a secured > >>>>>>>>>>>> message, and > >>>>>>>>>>>> when > >>>>>>>>>>>> performing File|Properties|Details - it provided a button > >>>>>>>>>>>> "secure > >>>>>>>>>>>> message > >>>>>>>>>>>> source". If at this point you perform File|Save As (eml), > >>>>>>>>>>>> the > >>>>>>>>>>>> secure > >>>>>>>>>>>> message > >>>>>>>>>>>> is saved. > >>>>>>>>>>>> Now this option is unavailable. OE automatically decrypts > >>>>>>>>>>>> the > >>>>>>>>>>>> secure > >>>>>>>>>>>> message, identifies the message in the Inbox folder as a > >>>>>>>>>>>> signed > >>>>>>>>>>>> message, > >>>>>>>>>>>> but > >>>>>>>>>>>> when the message is opened, there's no indication of digital > >>>>>>>>>>>> signature. > >>>>>>>>>>>> Moreover, if you perform File|Save As (eml) - then the > >>>>>>>>>>>> decrypted > >>>>>>>>>>>> unsigned > >>>>>>>>>>>> message is saved, as though the message was never signed. > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>> > >>>>>>>>>>>> Thanks again, > >>>>>>>>>>>> Michael > >>>>>>>>>>>> > >>>>>>>>>>>> "PA Bear [MS MVP]" <PABearMVP(a)gmail.com> wrote in message > >>>>>>>>>>>> news:OirHsSQgKHA.1112(a)TK2MSFTNGP04.phx.gbl... > >>>>>>>>>>>>> 1. Please post to this newsgroup in Plain Text, Michael, > >>>>>>>>>>>>> otherwise > >>>>>>>>>>>>> your > >>>>>>>>>>>>> right-to-left default makes it almost impossible to read > >>>>>>>>>>>>> your > >>>>>>>>>>>>> messages. > >>>>>>>>>>>>> Thanks. > >>>>>>>>>>>>> > >>>>>>>>>>>>> 2. Why isn't WinXP SP3 installed yet? > >>>>>>>>>>>>> > >>>>>>>>>>>>> Computers running WinXP SP2 will NOT be offered any further > >>>>>>>>>>>>> critical > >>>>>>>>>>>>> security updates, Automatic Updates will cease to function, > >>>>>>>>>>>>> and > >>>>>>>>>>>>> Windows > >>>>>>>>>>>>> Update website will not be available after 10 July 2010 > >>>>>>>>>>>>> until SP3 > >>>>>>>>>>>>> is > >>>>>>>>>>>>> installed. > >>>>>>>>>>>>> > >>>>>>>>>>>>> 3a. Make sure your time, date, and time-zone settings are > >>>>>>>>>>>>> all > >>>>>>>>>>>>> correct. > >>>>>>>>>>>>> > >>>>>>>>>>>>> 3b. Open Internet Explorer (only) to > >>>>>>>>>>>>> http://update.microsoft.com/microsoftupdate | Select CUSTOM > >>>>>>>>>>>>> and > >>>>>>>>>>>>> scan > >>>>>>>>>>>>>> > >>>>>>>>>>>>> Install any Critical Security Updates offered (e.g., > >>>>>>>>>>>>> KB976325). > >>>>>>>>>>>>> If a > >>>>>>>>>>>>> Root > >>>>>>>>>>>>> Certificates update is listed in the Optional Software > >>>>>>>>>>>>> Updates > >>>>>>>>>>>>> category > >>>>>>>>>>>>> on > >>>>>>>>>>>>> the left, install it to take full advantage of IE's > >>>>>>>>>>>>> enhanced > >>>>>>>>>>>>> security. > >>>>>>>>>>>>> > >>>>>>>>>>>>> NB: Do NOT install SP3 or IE8! Hide both/either of them > >>>>>>>>>>>>> ("Don't > >>>>>>>>>>>>> show > >>>>>>>>>>>>> me > >>>>>>>>>>>>> this update again") for now if necessary, please. > >>>>>>>>>>>>> > >>>>>>>>>>>>> Does the behavior persist now? > >>>>>>>>>>>>> > >>>>>>>>>>>>> OE Tools | Options | Security | Secure Mail | Advanced | > >>>>>>>>>>>>> Add > >>>>>>>>>>>>> senders'certificates to my Address Book: Is this option > >>>>>>>>>>>>> checked/enabled > >>>>>>>>>>>>> and does your correspondents' entries in Address Book > >>>>>>>>>>>>> include > >>>>>>>>>>>>> their > >>>>>>>>>>>>> Digital IDs? > >>>>>>>>>>>>> > >>>>>>>>>>>>> OE Tools | Options | Security | Secure Mail | Advanced | > >>>>>>>>>>>>> Revocation > >>>>>>>>>>>>> Checking: Which option is checked/enabled here? > >>>>>>>>>>>>> > >>>>>>>>>>>>> -- > >>>>>>>>>>>>> ~Robear Dyer (PA Bear) > >>>>>>>>>>>>> MS MVP-IE, Mail, Security, Windows Client - since 2002 > >>>>>>>>>>>>> www.banthecheck.com > >>>>>>>>>>>>> > >>>>>>>>>>>>> Michael Feldbau wrote: > >>>>>>>>>>>>>> I am working with OE back from Ver.4. > >>>>>>>>>>>>>> I have now OE V6 SP2. My OS is XP Pro SP2 > >>>>>>>>>>>>>> I receive digitally signed messages on daily basis. In the > >>>>>>>>>>>>>> Inbox > >>>>>>>>>>>>>> folder > >>>>>>>>>>>>>> it > >>>>>>>>>>>>>> displays the red signature button. However when I open the > >>>>>>>>>>>>>> messages > >>>>>>>>>>>>>> it > >>>>>>>>>>>>>> doesn't indicate that the message is signed. > >>>>>>>>>>>>>> This began only recently (I suspect after I upgraded to IE > >>>>>>>>>>>>>> 7). > >>>>>>>>>>>>>> Beforehand, > >>>>>>>>>>>>>> for many years it did indicate the red signature icon on > >>>>>>>>>>>>>> open > >>>>>>>>>>>>>> messages. > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> Hence, I cannot perform signature verification at this > >>>>>>>>>>>>>> point. > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> Could anybody advise? > >>>>>>>>>>>>>> > >>>>>>>>>>>>>> Gratefuly, > >>>>>>>>>>>>>> Michael > >>>>>>>>>>>>>> > >>>>>>>>>>>>>>
From: HUSSEIN.ALKOLDI on 6 Jan 2010 11:44
???? ????? "Michael Feldbau" <miki_f(a)netvision.net.il> ?? ????? ???????:Osq8jcOgKHA.5608(a)TK2MSFTNGP05.phx.gbl... Hello, I am working with OE back from Ver.4. I have now OE V6 SP2. My OS is XP Pro SP2 I receive digitally signed messages on daily basis. In the Inbox folder it displays the red signature button. However when I open the messages it doesn't indicate that the message is signed. This began only recently (I suspect after I upgraded to IE 7). Beforehand, for many years it did indicate the red signature icon on open messages. Hence, I cannot perform signature verification at this point. Could anybody advise? Gratefuly, Michael __________ Information from ESET NOD32 Antivirus, version of virus signature database 4702 (20091219) __________ The message was checked by ESET NOD32 Antivirus. http://www.eset.com |