outlook-message-parser icon indicating copy to clipboard operation
outlook-message-parser copied to clipboard

Published 20 hours ago verified publisher icon bbottema

Accessing S/MIME properties in Outlook files

Open bbottema opened this issue 3 years ago • 2 comments

See https://github.com/bbottema/simple-java-mail/issues/377

bbottema avatar Jan 22 '22 10:01 bbottema

Hello,

looks to me like this happens because the identification of S/MIME messages via ContentType (in extractSMimeHeader()) is a bit too strict. Certain ContentTypes will be identified as signed/encrypted but others (also valid ones) are not.

This is being identified correctly, for example:

  • Content-Type: application/pkcs7-mime; name="smime.p7m"; smime-type=enveloped-data

This isn't (should be valid though):

  • Content-Type: application/pkcs7-mime;
  • Content-Type: multipart/signed; protocol="application/pkcs7-signature";

Based on https://datatracker.ietf.org/doc/html/rfc5751#page-32 there are 3 cases we would need to cover. I revised the matches a bit and put all properties not necessary for identification in as optional. Maybe, those cases should use the specified classes for them (OutlookSmimeMultipartSigned / OutlookSmimeApplicationOctetStream / OutlookSmimeApplicationSmime)?

Unfortunately there is another case - sometimes the ContentType is "application/ms-tnef; name="winmail.dat"". Probably a Exchange default in certain versions. When this happens we can still go through all attachments and/or the messageClass to find matches there. Issue #40 has a example email for this.

In addition to all of this identifying S/MIME from msg-properties (in OutlookMessage().setProperty) quite often is not executed because the required properties are not available - not sure why... Maybe it has something to do with the MS-OXMSG protocol version which was used to extract the msg-file with (i.e. Outlook version). I haven't found any good solution for this but the identification by ContentType should always be working as it isn't msg-file specific.

I added a PR with a possible fix so you can take a look.

After doing all of this I ran some emails through simple-java-mail with the changes from above and I encountered two little issues:

  1. When I try to convert a signed plaintext-only email from msg to eml the process fails with a NPE after logging this warning: "SMIMESupport - S/MIME signed content type not recognized, please raise an issue for class java.lang.String"

  2. After converting a signed msg to eml: The email headers are not kept. So clients don't recognise the email as S/MIME any more because the header is now: "{Message-ID=[generated-for-smime-signed-attachment@simple-java-mail]}".

Let me know if I should add issues for those over at simple-java-mail with some more details.

Symphily avatar Feb 02 '22 17:02 Symphily

@bbottema I am facing the same, can you re-evaluate this issue, please?

roy20021 avatar Mar 04 '24 12:03 roy20021