Developers of Sympa

[DE BOURSETTY Benoît FTRD/DTL/ISS <address@concealed>]

Hi,

We're using Sympa for collaborative work, in the "encrypted" mode (looks
like we're using the last version). We've had problems with it, especially
with MS Exchange users.

Mail that had been encrypted by MS Office and sent out on the Internet
through a MS Exchange server was not recognized by Sympa to be encrypted. We
tracked down the bug to this: MS Exchange sends encrypted mail with a
"Content-type: application/pkcs7-mime" header, whereas Sympa expects a
"Content-type: application/x-pkcs7-mime" header. In fact, in our case,
outgoing messages bore two headers, the first one being of the "pkcs7-mime"
form and the second one "x-pkcs7-mime". But, as one can see in the following
code excerpt, whether a message is encrypted or not is being decided
according to only the first Content-type header, and
"application/pkcs7-mime" is not a recognized mime type.

"src/sympa.pl":
...
if ($hdr->get('Content-Type') =~ /application\/x-pkcs7-mime/i) {
        do_log('debug2', "message is crypted");
...

In order to let Exchange clients be able to use the mailing list, we had to
modify Sympa's source code to also accept the "application/pkcs7-mime"
Mime-type. There was yet another point in the code were the same problem
occured, but i don't remember which file it was. One can easily find out
anyway grepping all files for "pcks7-mime".

Regards,

Benoît de Boursetty
benoit dot deboursetty at francetelecom dot com 
& francetelecom r&d - Network and Services Security