[ale] testing firegpg with mailman
Jeremy T. Bouse
jeremy.bouse at undergrid.net
Sun Nov 29 02:16:36 EST 2009
And another fail...
gpg command line and output:
/usr/bin/gpg
gpg: Signature made Sat 28 Nov 2009 11:00:25 PM EST using RSA key ID
6A87D3C5
gpg: BAD signature from "James P. Kinney III (Physicist, Brewer, Dad)
<jimkinney at gmail.com>"
Jim Kinney wrote:
> Fun!! your message came through just fine with good signature. I've also
> signed the reply (using FireGPG).
>
> I do have MailScanner on the ALE list incoming side. It is my
> understanding that the original message is supposed to be pristine
> unless there is a rule causing a disinfection to occur. Otherwise the
> mime is unpacked, scanned and discarded.
>
> On Sat, Nov 28, 2009 at 3:18 PM, Michael H. Warfield <mhw at wittsend.com>
> wrote:
>
> Jim,
>
> On Sat, 2009-11-28 at 14:23 -0500, Jim Kinney wrote:
> > OK. So Mailman is (maybe) munging the gpg signature. Fixing that will
> > be a challenge if it's caused by signing the wrong sections of the
> > message body.
>
> Something is not right here. I run a mailman site supporting several
> dozen lists and multiple domains (IT-ISAC, ISAC Council, +++) and I
> don't see this problem. We use gpg/pgp all the time on those lists.
> Furthermore, my own signatures through the ALE list seem to be coming
> through fine.
>
> Couple of years ago, I did run into a problem with MailScanner which
> Julian and I took a few days to shoot. In that case, MailScanner was
> unpacking the mime and then repacking it (quoted printable in that case,
> I believe). While the contents of the attachments remained unaltered,
> the encoding encapsulation changed (Mime is ambiguous on several points
> and something time MailTools or MimeTools will pack something
> differently than will Evolution or Thunderbird). We had to stipulate
> something in MailScanner where the message was passed unmolested if
> nothing was found untoward in it, rather than repacking it and sending
> it on.
>
> There are a couple of MailScanner Mime settings that could impact this
> but I seriously doubt it.
>
> Try this for a test. Send a message back to me and to the list. Just a
> Reply-All should do just fine. I can do a byte for bye, attachment for
> attachment comparison. Make SURE <mhw at wittsend.com
> <mailto:mhw at wittsend.com>> is on the cc list,
> so I get a direct copy. You should be able to verify my signatures on
> this message the same way. Compare the results from the ALE relay to
> the direct message.
>
> Regards,
> Mike
>
> > What is needed now is to test a gpg signature sent from a plain text
> > (NOT from firegpg) email through mailman. It needs to be tested
> > through both firegpg and regular text email (anyone got a quick link
> > to gpg with mutt?).
> >
> > I sent myself a test message from firegpg to myself and NOT through
> > mailman. firgpg then reported it as a good signature. That leads me to
> > think the issue _is_ with mailman.
> >
> > oh joy. criticizing a gnu codebase ....
> >
> > On Sat, Nov 28, 2009 at 12:41 PM, Jeremy T. Bouse
> > <jeremy.bouse at undergrid.net <mailto:jeremy.bouse at undergrid.net>>
> wrote:
> > jim.kinney at gmail.com <mailto:jim.kinney at gmail.com> wrote:
> >
> > > This is a simple test of firegpg running on Fedora
> > 12/Firefox 3.5.5
> > >
> > > Please reply with good or bad signature status.
> > >
> >
> >
> > gpg command line and output:
> > /usr/bin/gpg
> > gpg: Signature made Sat 28 Nov 2009 11:04:06 AM EST using RSA
> > key ID
> > 6A87D3C5
> > gpg: BAD signature from "James P. Kinney III (Physicist,
> > Brewer, Dad)
> > <jimkinney at gmail.com <mailto:jimkinney at gmail.com>>"
> >
> >
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org <mailto:Ale at ale.org>
> > http://mail.ale.org/mailman/listinfo/ale
> <http://mail.ale.org/mailman/listinfo/ale>
> > See JOBS, ANNOUNCE and SCHOOLS lists at
> > http://mail.ale.org/mailman/listinfo
> <http://mail.ale.org/mailman/listinfo>
> >
> >
> >
> >
> > --
> > --
> > James P. Kinney III
> > Actively in pursuit of Life, Liberty and Happiness
> >
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org <mailto:Ale at ale.org>
> > http://mail.ale.org/mailman/listinfo/ale
> <http://mail.ale.org/mailman/listinfo/ale>
> > See JOBS, ANNOUNCE and SCHOOLS lists at
> > http://mail.ale.org/mailman/listinfo
> <http://mail.ale.org/mailman/listinfo>
> --
> Michael H. Warfield (AI4NB) | (770) 985-6132 | mhw at WittsEnd.com
> /\/\|=mhw=|\/\/ | (678) 463-0932 |
> http://www.wittsend.com/mhw/
> NIC whois: MHW9 | An optimist believes we live in the
> best of all
> PGP Key: 0x674627FF | possible worlds. A pessimist is sure
> of it!
>
>
>
>
> --
> --
> James P. Kinney III
> Actively in pursuit of Life, Liberty and Happiness
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 261 bytes
Desc: OpenPGP digital signature
Url : http://mail.ale.org/pipermail/ale/attachments/20091129/022ecb43/attachment-0001.bin
More information about the Ale
mailing list