Occasionally "Unverified signature" in Thunderbird - "VERIFIED" in Mailpile.

Question

Occasionally "Unverified signature" in Thunderbird - "VERIFIED" in Mailpile.

JazzTp opened this issue 4 years ago · 2 comments

If anybody wants to look into it, I can export from Mailpile and from Thunderbird and send privately this email.

Example of what happens:

I've sent an email to a correspondent from Mailpile.
I realize that I've forgotten the attachment I mention in the email body, so I choose "reply" to send him another email with the attachment
I check out the BCC sent from Mailpile accessing the same account with Thunderbird ver. 68.10.0 + Enigmail ver. 2.1.6
result: "Unverified signature".
in Mailpile: "VERIFIED".

Maybe it's just a matter of settings, or Thunderbird+Enigmail/Autocrypt versions (however, these are still the ones currently adopted in an up-to-date Ubuntu 18.04.5).

It's signed but unencrypted emails (hoping to raise awareness, already wrote to him about that).

If I also encrypt, no problem for Thunderbird+Enigmail verifying the signature.
If I send from Thunderbird, encrypting or only signing: no problem in Mailpile.

Answer 1 · 2020-10-29T04:28:25.000Z

So, I'm sending with Mailpile and checking that Thunderbird-Enigmail decrypt and verify the signature.

One situation in which the problem is happening systematically, I can repeat as will:

I'm forwarding an email with some text and its few small attachments (I'm not adding any, adding an attachment wasn't changing the outcome anyway):
- html body: 23 lines, 16620 bytes (saved then piped to wc -l)
- full message source: 437 lines, 31359 characters (saved then piped to wc -c)
Without encrypting
Signing, of course

In this case, Thunderbird-Enigmail say Unverified signature.
Clicking Details | Enigmail Security Info => the correct signing subkey.

NOTICE: while sending, Mailpile itself shows a red "x INVALID", while afterwards in the "Sent" tag the message appear as green "VERIFIED".

If I also encrypt:

when sending it's green
when decrypting with Thunderbird-Enigmail the signature is ok.

The same happens regardless having set "Prefer PGP/MIME" or "Prefer compatibility" (shutdown + restart and login done after each change to settings, to be sure).

Answer 2 · 2020-10-29T19:57:27.000Z

I'm actually unable for now to narrow it down exclusively to a precise series of steps.

Apparently there's no need to forward in order to see the problem, a simple "reply" with no attachment, if signed but not encrypted, can also give the same issue, unverified signature in Thunderbird, OK in Mailpile.

Creating a few (very short) new emails and adding an attachment, and sending to myself encrypting and signing or not encrypting and signing, I had no problems in Thunderbird, signature verified OK.

From Thunderbird to Mailpile: no problems either so far.