On Thu, 2025-03-27 at 09:08 +1100, Stephen Morris wrote:
> I'm trying to find a mail package that supports sensitivity headers,
> that will leave the mail on the remote server in a form that
> thunderbird can still download so that I don't lose them (I might be
> able to flag them as unread in gmail, but I need to check)
If the server has IMAP, then Evolution leaves messages them where they
are, and just has a local cache (like web browser caching) that speeds
up re-opening the same message if you go back and forth. It also can
treat Gmail's mail protocol the same way. And local mailbox, MH-format
or maildir files.
As far as I'm aware, all Evolution will do is change the been-read
status, if all you're doing with the messages is reading them, which
you can easily change back. Or you can set Evolution not see
automatically set a read status (you'd have to manually do so).
> so that I can investigate an issue at work where external emails
> tagged as sensitive don't make the inbox of a shared mailbox in
> Outlook but they do make the inbox of personal mailboxes, but if I
> use the Office 365 mail web interface the sensitive emails do make
> the inbox of the shared mailbox. If I send an email from my personal
> mailbox to the shared mailbox that I have flagged as sensitive from
> Outlook (which as far as I can see is specifying the same headers as
> the program I wrote to send the mail) the mail does make the inbox of
> the shared mailbox. Because of all this the admins are saying that
> the mail environment is working correctly therefore they cannot
> provide any assistance to resolve the issue. I'm also seeing headers
> provided by an application the organisation is using to "protect" the
> mail system from external mails, that are saying the mail source has
> not been specified in the organisations domain as a permitted mail
> source, but I see those messages in both sensitive and non-sensitive
> mails that make it to the personal mailboxes, so I'm not sure yet
> what they mean, and the admins are ignoring those messages, hence I'm
> trying to send a sensitive mail from home to see what happens with
> that, which is why I'm looking at Evolution functionality
Well, there's more than one header that can be used with sensitivity
headers, but probably only one that has some official standing.
Depending on which mail client you play with, it may pay attention to
different ones.
With Evolution, like most mail clients, you can view the source and
look at all the headers. Though that's a lot. You can configure
specific headers to be shown with the normal mail view, and it'll show
them if they exist, and not waste any space if they don't. There you
could add these, and any others you find out about:
Security
Sensitivity
x-protective-marking
x-original-protective-marking
x-classifier
The top two just appears to have plain text words describing the mail,
and appear to be the same thing as each other. I've used Evolution to
set Security header to "unclassified" on this message.
The next two have more data in them, aren't particularly user-friendly
to read, probably only intended for machine interpretation.
I think the last one is just for the name of the software they used
(janusSEAL for Outlook 2.6.2). It didn't have any other data in it.
There may be other security-related headers for this kind of thing, but
I don't have any other examples to examine. The documentation I've
found so far discusses how to use the software, not what it actually
does to the message.
If you look up email security headers, you tend to find the ones
associated with encryption, messages signatures, and anti-fraud domain
signatures.
Looking at mail clients with security setting options, there's things
like classification levels, *and* identifying the people allowed to
read it ("confidential", "all staff", kind of of thing). So I'd expect
there to be another (unknown) header to list the authorised groups.
https://www.iana.org/assignments/message-headers/message-headers.xhtml
Lists well known standardised headers, I don't know if there will be
any useful documentation, anywhere, for the headers peculiar to
particular software.
You might have to create some new messages with varying security header
choices, and look for what headers they add to the mail. You probably
won't have to post, just save a draft and view the source of the draft.
That'll also help in there being less headers to trawl through, as it
won't have gone through any mail servers.
If your problem is with a specific client or server, is there an anti-
spam filter that's bad? Are your missing mails being junked?
Is the user in question a low-status person not allowed to read certain
sensitive mails and being automatically censored?
On an operational level, considering the varying support for this, and
that people could use any mail client that you don't know about to read
messages, security warnings should also be printed in the body text at
the top of the message. Emails I received from a government body added
some text to the end of the subject line to cover that issue, but
didn't take into account long subject lines pushing that text off the
edge and out of view.
--
uname -rsvp
Linux 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
Boilerplate: All unexpected mail to my mailbox is automatically deleted.
I will only get to see the messages that are posted to the mailing list.
--
_______________________________________________
users mailing list -- users@lists.fedoraproject.org
To unsubscribe send an email to users-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
