search

bbottema / outlook-message-parser

A Java parser for Outlook messages (.msg files)
76 stars 35 forks source link

Accessing S/MIME properties in Outlook files #51

Open bbottema opened 2 years ago

bbottema commented 2 years ago

See https://github.com/bbottema/simple-java-mail/issues/377

Symphily commented 2 years ago

Hello,

looks to me like this happens because the identification of S/MIME messages via ContentType (in extractSMimeHeader()) is a bit too strict. Certain ContentTypes will be identified as signed/encrypted but others (also valid ones) are not.

This is being identified correctly, for example:

This isn't (should be valid though):

Based on https://datatracker.ietf.org/doc/html/rfc5751#page-32 there are 3 cases we would need to cover. I revised the matches a bit and put all properties not necessary for identification in as optional. Maybe, those cases should use the specified classes for them (OutlookSmimeMultipartSigned / OutlookSmimeApplicationOctetStream / OutlookSmimeApplicationSmime)?

Unfortunately there is another case - sometimes the ContentType is "application/ms-tnef; name="winmail.dat"". Probably a Exchange default in certain versions. When this happens we can still go through all attachments and/or the messageClass to find matches there. Issue #40 has a example email for this.

In addition to all of this identifying S/MIME from msg-properties (in OutlookMessage().setProperty) quite often is not executed because the required properties are not available - not sure why... Maybe it has something to do with the MS-OXMSG protocol version which was used to extract the msg-file with (i.e. Outlook version). I haven't found any good solution for this but the identification by ContentType should always be working as it isn't msg-file specific.

I added a PR with a possible fix so you can take a look.

After doing all of this I ran some emails through simple-java-mail with the changes from above and I encountered two little issues:

  1. When I try to convert a signed plaintext-only email from msg to eml the process fails with a NPE after logging this warning: "SMIMESupport - S/MIME signed content type not recognized, please raise an issue for class java.lang.String"

  2. After converting a signed msg to eml: The email headers are not kept. So clients don't recognise the email as S/MIME any more because the header is now: "{Message-ID=[generated-for-smime-signed-attachment@simple-java-mail]}".

Let me know if I should add issues for those over at simple-java-mail with some more details.

roy20021 commented 6 months ago

@bbottema I am facing the same, can you re-evaluate this issue, please?