Hi Hamish, > Just realised after my earlier message this morning, that Enigmail can't > verify the digital signature I attached to my email - when I received my > own copy, it says "unverified signature" and in the details it says "BAD > signature". See attached image.
No attached image? > However, when I email myself between my different email accounts with > this signature, it verifies just fine. Does anyone know why this might > be happening? It has piqued my curiosity It's probably that Mailman is altering the email sufficiently as it passes through. https://www.enigmail.net/index.php/en/user-manual/handbook-faq#Signature_and_Verification I don't know Enigmail, but I assume it's signing the peer part of the MIME email according to some RFC. $ mhlist -nov msg part type/subtype size description 42 multipart/mixed 2713 1 multipart/signed 2034 1.1 multipart/mixed 843 1.1.1 multipart/mixed 663 1.1.1.1 text/plain 452 1.2 application/pgp-signatur 833 OpenPGP digital signature 2 text/plain 221 I'd guess either the Content-Transfer-Encoding of the signed part is being altered, or the structure of the MIME email is being changed, e.g. the addition of an extra multipart/mixed level. -- Cheers, Ralph. -- Next meeting: BEC, Bournemouth, Tuesday, 2020-02-04 20:00 Check to whom you are replying Meetings, mailing list, IRC, ... http://dorset.lug.org.uk/ New thread, don't hijack: mailto:dorset@mailman.lug.org.uk
