Bug 505459

Summary: Possible email modification after download from IMAP may break DKIM
Product: [Frameworks and Libraries] Akonadi Reporter: Benjamin Girault <benjamin.girault>
Component: IMAP resourceAssignee: kdepim bugs <pim-bugs-null>
Status: REPORTED ---    
Severity: normal CC: carl
Priority: NOR    
Version First Reported In: 6.4.1   
Target Milestone: ---   
Platform: Arch Linux   
OS: Linux   
Latest Commit: Version Fixed/Implemented In:
Sentry Crash Report:

Description Benjamin Girault 2025-06-11 07:52:06 UTC 
SUMMARY

When syncing an IMAP account, it appears that emails are modified before being stored. This observed issue is (at least) with CRLF being modified. With text only emails, this alteration does not seem to prevent DKIM signature check from passing. However, with a multi-part MIME body an extra space is introduced that trigger a failed body hash check. More precisely, the emails I have have a header that ends with two CRLF sequences (checked with okteta), and then the string "This is a multi-part message in MIME format.". After syncing with kmail, the stored email has two LF characters, a space, and then the string above. Removing the space allows for a successful DKIM check.

All other CRLF sequences converted to LF do not seem to prevent DKIM checks from passing, only the space is an issue.

I checked that this is likely not an issue with the IMAP server using Thunderbird. The synced email were not altered there (CRLF kept, and no extra space), and the synced emails pass DKIM checks.

STEPS TO REPRODUCE
1. Sync IMAP account
2. Check DKIM signature with a multipart MIME body

OBSERVED RESULT

Failed DKIM verification: body hash mismatch

EXPECTED RESULT

Passed DKIM verification

SOFTWARE/OS VERSIONS
Linux/KDE Plasma: ArchLinux
KDE Plasma Version: 6.3.5
KDE Frameworks Version: 25.04.1
Qt Version: 6.9.1

ADDITIONAL INFORMATION