Digital Signature becomes invalid when SMSMSE scans the message


Article ID: 153067


Products

Mail Security for Microsoft Exchange

Issue/Introduction

The email client reports that the email's digital signature is "invalid".  Some email software reports a security problem with the email message because the digital signature is not valid.  The email program may report that the email message has been tampered with, or that the digital signature has been tampered with.

 

Conditions

  • Email message contains a digital signature.

    1. Open the email message in an editor.
    2. Look for a Content-Type header with a protocol of application/x-pkcs7-signature.  The following is an example:

       Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=SHA1; boundary="----=_Part_119314_18824474.1291999242911"

  • Email message has Content-Type and Content-Disposition headers modified with the addition of double quote characters (") in the body of the email.

    1. Open the received email message processed by SMSMSE in an editor.
    2. Look for the Content-Type and Content-Disposition headers in the body of the email.  The following is an example:

------=_Part_119310_8607556.1291999242871
Content-Type: text/html; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
  <title></title>
</head>
<body bgcolor="#ffffcc">

 

Notice the double quotes around the charset value.  These were added by SMSMSE.  The double quote characters are not present in the original message.

  • The message has not been modified by SMSMSE due to a content filtering rule.

    1. Open the SMSMSE administration console.
    2. Click on the Policies tab.
    3. Click on Content Enforcement|Content Filtering Rules.
    4. Find any Enabled rule where the Disposition is Quarantine attachment/message body and replace with text.
    5. Ensure that the message has not been altered by this rule.

     

 

Cause

SMSMSE changes the body of the email message by adding double quotes in the MIME section separators.  As a result, the digital signature no longer matches the body of the email message, and email programs report a problem with the digital signature.
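
The following added example (not part of the original article or of SMSMSE) shows why the added quotes break the signature: it extracts the signed MIME part from an original and a received copy of a message, hashes each with the micalg algorithm, and lists header lines that differ only by added double quotes. The two sample messages, the boundary b1, and all function names are constructed for illustration; the signature part is a placeholder, not a real PKCS#7 signature.

```python
import hashlib
import re

def signed_part(raw: bytes) -> bytes:
    """Exact bytes of the first body part of an S/MIME multipart/signed message."""
    head = raw.split(b"\r\n\r\n", 1)[0]
    if not re.search(rb"multipart/signed;.*application/(x-)?pkcs7-signature",
                     head, re.I | re.S):
        raise ValueError("not an S/MIME multipart/signed message")
    boundary = re.search(rb'boundary="?([^";\r\n]+)', head, re.I).group(1)
    # The CRLF before each delimiter belongs to the delimiter, not to the part.
    pieces = raw.split(b"\r\n--" + boundary)
    if len(pieces) < 3:
        raise ValueError("expected a signed part and a signature part")
    return pieces[1].split(b"\r\n", 1)[1]  # drop the rest of the delimiter line

def part_digest(part: bytes, micalg: str = "sha1") -> str:
    """Digest of the signed part; micalg=SHA1 in the article's example header."""
    return hashlib.new(micalg.lower().replace("-", ""), part).hexdigest()

def added_quotes(original: bytes, received: bytes):
    """Part header lines that differ only by added double quote characters."""
    o_head = original.split(b"\r\n\r\n", 1)[0].split(b"\r\n")
    r_head = received.split(b"\r\n\r\n", 1)[0].split(b"\r\n")
    return [(o.decode("latin-1"), r.decode("latin-1"))
            for o, r in zip(o_head, r_head)
            if r.count(b'"') > o.count(b'"')
            and r.replace(b'"', b"") == o.replace(b'"', b"")]

def compare(original_raw: bytes, received_raw: bytes) -> dict:
    o, r = signed_part(original_raw), signed_part(received_raw)
    return {"digest_matches": part_digest(o) == part_digest(r),
            "added_quotes": added_quotes(o, r)}

def build(charset: bytes) -> bytes:
    """Constructed sample message; 'c2ln' stands in for the signature blob."""
    return (b'Content-Type: multipart/signed; '
            b'protocol="application/x-pkcs7-signature"; micalg=SHA1; '
            b'boundary="b1"\r\n\r\n'
            b"--b1\r\nContent-Type: text/html; charset=" + charset +
            b"\r\nContent-Transfer-Encoding: 7bit\r\n\r\n<html></html>"
            b"\r\n--b1\r\nContent-Type: application/x-pkcs7-signature\r\n\r\n"
            b"c2ln\r\n--b1--\r\n")

ORIGINAL = build(b"ISO-8859-1")      # as sent by the signer
RECEIVED = build(b'"ISO-8859-1"')    # quotes added in transit, as in the article

if __name__ == "__main__":
    print(compare(ORIGINAL, RECEIVED))
```

A digest mismatch here only shows that the signed bytes changed; validating the signature itself still requires verifying the PKCS#7 part against the signer's certificate.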

Resolution

To prevent modification of the body of email messages during SMTP scanning, create the following registry value:

  1. Open the registry editor (Start -> Run, regedit).
  2. Navigate to HKLM\Software\Wow6432Node\Symantec\SMSMSE\<Version>\Server\Components\SMTP.
  3. Create a new DWORD value called "RecursionEnabled" (case sensitive) and set the value to 1.
  4. Restart the Exchange Transport service and the Symantec Mail Security for Microsoft Exchange service.

Applies To

  • SMSMSE version is 6.5 or higher.