Back to Community Threads
Problems with emails containing .P7M attachments (which are digitally signed PDF documents)
Problem reported by Gabriele Maoret - SERSIS - 10/23/2023 at 12:02 AM
Resolved
I have a problem with some messages not being readable in webmail and I only see this (see below).

the problem occurs even if I MYSELF write an email from SmarterMail webmail and simply attach a signed file (typically a signed PDF that has the extension .p7m).

In this case, after sending the email, I can't even read the email myself (which I find in the SENT ITEMS folder) because the above warning appears...

This is starting to be a BIG problem, because more and more users are reporting it to me.

Some of these customers come from Kerio Connect and they confirm to me that with Kerio Connect webmail everything worked normally.
Gabriele Maoret - Head of SysAdmins and CISO at SERSIS
Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)
Kyle Kerst Replied
10/24/2023 at 4:35 PM
Employee Post
Can I have you submit a ticket on this including an example PDF file? I see you've had posts on this once or twice with some limited discussion in the past, are these the same types of files? Perhaps we can have you reevaluate these on the beta? Thanks Gabriele!
Kyle Kerst
Lead Internal Network/System Administrator
SmarterTools Inc.
Gabriele Maoret - SERSIS Replied
10/24/2023 at 7:24 PM
Hi Kyle!
I'll open a ticket on this tomorrow
Gabriele Maoret - Head of SysAdmins and CISO at SERSIS
Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)
Roger Replied
10/24/2023 at 9:55 PM
I think I know this kind of message. Maybe when a Public Cert is published and the sender encrypts the mail but in the receiving mailflow there is no decryption appliance with the private key to decrypt the mail. Decrypting can not be done by smartermail itself.
Gabriele Maoret - SERSIS Replied
10/25/2023 at 1:31 AM
Ticket opened and file attached
Gabriele Maoret - Head of SysAdmins and CISO at SERSIS
Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)
Gabriele Maoret - SERSIS Replied
10/25/2023 at 1:49 AM
I add some new info.

This is an example email that has the problem (this is only the case because it contains a .P7M attachment):




However, if I try to "forward", the email becomes readable, even with the .P7M attachment:



It seems that the problem is just a display BUG, not a limitation of the SmarterMail webmail...
Gabriele Maoret - Head of SysAdmins and CISO at SERSIS
Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)
Kyle Kerst Replied
10/25/2023 at 6:45 AM
Employee Post
Thanks Gabriele, I'll check out your ticket today. From what I understand though, these types of files (P7M) are encrypted messages rather than encrypted PDF files. If this was simply an encrypted PDF I would expect the message itself to load and display as expected, but in the case of encrypted messages there isn't a decryption mechanism built into webmail that is capable of reading the encrypted contents. We have made improvements in later builds on supporting them client side though (where those mechanisms exist) and so I'd like to see how this setup works in one of our test environments so we can advise you for the future. Have a good one!
Kyle Kerst
Lead Internal Network/System Administrator
SmarterTools Inc.
Gabriele Maoret - SERSIS Replied
10/25/2023 at 8:07 AM
You're almost right Kyle, they are encrypted CONTAINER (they can contain more than one file), generally used in Italy for signed PDFs, but they can also contain other types of files.

But I wouldn't call them MESSAGES.

BUT the problem is: in SmarterMail webmail, if I write an email (with some descriptive text in the body of the message) and attach a .P7M file to this email, the text in the body of the email also it becomes unreadable, but I still see the .P7M attachment and can download it...

I don't need SmarterMail to decrypt the contents of the .P7M attachment and let me read it (to do this I will download the attachment and open it with the right software on my PC).

What I need is to read the text in the body of the email message, which is written in plain text using SmarterMail webmail...
Gabriele Maoret - Head of SysAdmins and CISO at SERSIS
Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)
Employee Replied
10/26/2023 at 10:20 AM
Employee Post
Hi Gabriele,

Thank you for the file you provided in your support ticket. I was able to replicate this behavior. It looks like webmail is replacing the message body with the "This message is encrypted..." warning whenever it detects a P7M file extension. We'll get this resolved! 
Gabriele Maoret - SERSIS Replied
10/26/2023 at 10:23 AM
Thx Andrea!
Gabriele Maoret - Head of SysAdmins and CISO at SERSIS
Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)
Employee Replied
11/2/2023 at 12:07 PM
Employee Post
Hi Gabriele, 

This has been addressed. SmarterMail now distinguishes between an encrypted email and one that simply contains a p7m attachment. You'll see this change in our next BETA release. As such, I'll mark this thread as Resolved.

Kind regards,
Gabriele Maoret - SERSIS Replied
11/2/2023 at 12:21 PM
Thx!
Gabriele Maoret - Head of SysAdmins and CISO at SERSIS
Currently manages 6 SmarterMail installations (1 in the cloud for SERSIS which provides services to a few hundred third-party email domains + 5 on-premise for customers who prefer to have their mail server in-house)
Back to Community Threads

Reply to Thread

Enter the verification text
Related Knowledge Base Articles
Key Feature and Version Milestones in SmarterMailSmarterMail
Outlook (MAPI) encoding for some types of embedded filesSmarterMail > Desktop and Mobile Synchronization
Deploying Rspamd For Use With SmarterMailSmarterMail > Server Configuration and Management
TLS 1.0/1.1 Deprecation InformationGeneral Topics
Remote Server returned: '602' errorSmarterMail > Troubleshooting