Email client reports that email digital signature is "invalid". Some email software report a security problem with the email message because the digital signature is not valid. The email program may report the email message is tampered with. The email program may report the digital signature has been tampered with.
Email message contains a digital signature.
1. Open the email message in an editor. 2. Look for a Content-Type header with a protocol of application/x-pkcs7-signature. The following is an example:
Email message has Content-Type and Content-Disposition headers modified with the addition of double quote characters (") in the body of the email.
1. Open the received email message processed by SMSMSE in an editor. 2. Look for the Content-Type and Content-Disposition headers in the body of the email. The following is an example:
------=_Part_119310_8607556.1291999242871 Content-Type: text/html; charset="ISO-8859-1" Content-Transfer-Encoding: 7bit <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html> <head> <title></title> </head> <body bgcolor="#ffffcc">
Notice the double quotes around the charset value. These were added by SMSMSE. The double quote characters are not present in the original message.
The message has not been modified by SMSMSE due to a content filtering rule.
1. Open the SMSMSE administration console. 2. Click on the Policies tab. 3. Click on Content Enforcement|Content Filtering Rules. 4. Find any Enabled rule where the Disposition is Quarantine attachment/message body and replace with text. 5. Ensure that the message has not been altered by this rule.
SMSMSE is changing the body of the email message with the addition of double quotes in the MIME section separators. This causes the digital signature to not match the body of the email message. Email programs then report the problem with the digital signature.
To prevent modification of the body of email messages during SMTP scanning, implement the following registry key:
Open the registry editor (Start -> Run, regedit).
Navigate to HKLM\Software\Wow6432Node\Symantec\SMSMSE\<Version>\Server\Components\SMTP.
Create a new DWORD value called "RecursionEnabled" (case sensitive) and set the value to 1.
Restart the Exchange Transport service and the Symantec Mail Security for Microsoft Exchange service.
SMSMSE version is 6.5 or higher.
Digital signature becomes invalid if message is scanned by SMSMSE 6.5.2 when the original message does not include double quotes (") in content-type lines
Imported Document ID: TECH147332
Subscribing will provide email updates when this Article is updated. Login is required.