Bug 1377586 - Can not disable protected headers in enigmail
Summary: Can not disable protected headers in enigmail
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora EPEL
Classification: Fedora
Component: thunderbird-enigmail
Version: epel7
Hardware: x86_64
OS: Linux
unspecified
medium
Target Milestone: ---
Assignee: Christian Dersch
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-09-20 07:30 UTC by Thomas Huth
Modified: 2018-06-12 18:08 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2018-06-12 18:08:06 UTC
Type: Bug

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Thomas Huth 2016-09-20 07:30:13 UTC 
Description of problem:
Since the last big update of Thunderbird in RHEL (from version Thunderbird/38.8.0 to Thunderbird/45.2 I think) and the likely accompanying update of enigmail, some of my signed e-mails are showing up as mails with bad signature on the receiver side when I sent them to certain mailing lists. After having a closer look at the mail in my "Sent" folder (which has a good signature) and the mail that I received back from the mailing list, it seems like something (likely mailman?) inbetween changed some spaces into tabs in the first mime section of my mail. Looks like this first mime section is some kind of extended e-mail header from enigmail which is used to protect some mail header fields - if I've got that right, it's the "Memory Hole" standard (http://modernpgp.org/memoryhole/) thing. This was not available with Thunderbird 38 but seems now to be enabled by default with Thunderbird 45.

Now since this protected mail headers apparently not work when sending mails to mailing list or certain mail servers, and it's quite unlikely to fix all mail servers out there, I'd like to switch that feature off again. After doing some research, I found that there is a "extensions.enigmail.protectHeaders" settings in the advanced config editor, but it is already set to "false" and changing it does not seem to make any difference. So this seems like a bug to me - there must be a way to switch these protected headers off again!

Version-Release number of selected component (if applicable):
thunderbird-enigmail-1.9.4-1.el7.noarch
thunderbird-45.3.0-1.el7_2.x86_64

How reproducible:
100%

Steps to Reproduce:
1. Make sure that extensions.enigmail.protectHeaders is set to false
2. Send a PGP/GPG signed mail
3. Have a look at the sources of the mail in the "Sent" folder

Actual results:
The body of the mail still starts with protected headers, e.g.:

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--hauaRbVqFcLmwGj8bWvD5SmW6GcmOEhhd
Content-Type: multipart/mixed; boundary="qWXPChRpWfcuhnw1IaG4CB5hm1cCehOeM"
From: Thomas Huth <thuth>
To: thuth
Message-ID: <20e32a4d-deca-823f-8cc5-d591d82ec519>
Subject: test


--qWXPChRpWfcuhnw1IaG4CB5hm1cCehOeM--


Expected results:
No more such protected headers if extensions.enigmail.protectHeaders is set to false
Comment 2 Thomas Huth 2016-09-23 13:29:27 UTC 
I just noticed that enigmail is (unlike thunderbird itself) in EPEL, not in RHEL, so changing the product accordingly. I also installed the new version of thunderbird-enigmail (version 1.9.5) today, but seems like the problem still persists.
Comment 3 Thomas Huth 2016-09-26 11:44:30 UTC 
I've now also reported the bug upstream:
https://sourceforge.net/p/enigmail/bugs/642/
Comment 4 Thomas Huth 2018-06-12 18:08:06 UTC 
According to the upstream bug ticket, this has been solved in Enigmail 2.0 (which is now available in EPEL), so I think we can close this now. Protected headers can now be switched on and off in the Enigmail Preferences -> Advanced tab (it's the "Encrypt subject by default" option if I've got that right).
Note You need to log in before you can comment on or make changes to this bug.