KMail (4.7.2 but I haven't found a bug referring to this) violates a RfC 4880 recommendation: ############################# Note: If any line begins with the string "From ", it is strongly suggested that either the Quoted-Printable or Base64 MIME encoding be applied. If Quoted-Printable is used, at least one of the characters in the string should be encoded using the hexadecimal coding rule. This is because many mail transfer and delivery agents treat "From " (the word "from" followed immediately by a space character) as the start of a new message and thus insert a right angle-bracket (>) in front of any line beginning with "From " to distinguish this case, invalidating the signature. ############################# This is not really a problem of the crypto component but the failure probably affects crypto only. Reproducible: Always Steps to Reproduce: 1. Write an email with a line beginning with "From " which is not sent as base64. Actual Results: "From " is not escaped. Expected Results: As said in the RfC quote. To see the broken signature just send the mail to a "suitable" mailing list (like the GnuPG mailing list, Mailman version 2.1.12rc1). Local storage in mbox format may "work", too.
could you paste screenshot about it ?
Created attachment 72429 [details] Screenshot of the KMail window with the non-validating signature
(In reply to comment #1) > could you paste screenshot about it ? Sure. Now I have noticed that KMail shows the escape char >. I am not familiar enough with the RfCs for emails without crypto but I guess that the MUA should strip off that one when displaying the message. For the crypto component it would be useful to check in case of both a bad signature and a ">From " whether the signature validates against a modified body (without the ">").
I think he hit two unrelated bugs: 1. violation of RFC 4880 -> I can confirm this violation also with unsigned messages 2. broken signature. Can you say, what kind of signing is broken? inline and/or mime? Can you actually load one broken mail & text as two attachments to this bug?
Actually it is RFC 3156 that recommends this behaviour. Another error that falls into this category is #286553.
Git commit 98770957d2a62437159ac3cba1882f75859adb87 by Sandro Knauß. Committed on 09/11/2013 at 14:37. Pushed by knauss into branch 'KDE/4.11'. Fix 286553 - Kmail signed emails invalid in Thunderbird w/ Enigmail Related: bug 286553 FIXED-IN: 4.11.4 REVIEW: 113750 M +46 -0 messagecomposer/job/signjob.cpp M +35 -0 messagecomposer/tests/signjobtest.cpp M +1 -0 messagecomposer/tests/signjobtest.h http://commits.kde.org/kdepim/98770957d2a62437159ac3cba1882f75859adb87
*** Bug 336069 has been marked as a duplicate of this bug. ***