[MU] SMime signature validation

[chibenwa]

Description

Have a pas/fail visualization regarding smime signature.

Requested for customer.

SMIME signature is to be validated on the backend side, and accessible to the frontend through the following headers:

X-SMIME-Status: Good signature
X-SMIME-Status: Bad signature
X-SMIME-Status: Not signed

• if X-SMIME-Status: Not signed or there is no header do nothing, like today

• if X-SMIME-Status: Good signature when I open the mail a good signature icon is displayed next to the email.

  When I hover over it, a flyover messsage reads The authenticity of this message had been verified with SMime signature

• if X-SMIME-Status: Bad signature when I open the mail a bad signature icon is displayed next to the email.

  When I hover over it, a flyover messsage reads This message failed SMime signature verification.

[chibenwa]

@hoangdat please plan work on this next sprint

[chibenwa]

CF https://ci.linagora.com/linagora/lgs/twp/mail-gov-mauritius/-/issues/30

[hoangdat]

@Bobpodvalnyi please help us on the icon for this function. Thanks

[hoangdat]

@Bobpodvalnyi please help us

[chibenwa]

After today discussion with @guimard without this feature LNG cannot be paied for the customer projet: it is mandated!

[Bobpodvalnyi]

https://www.figma.com/design/XqLqMINlZw09BdEHI8yLb9/Teammail---1.1?node-id=2956-1011&t=rrvBVF6LhV32w9QH-0 @hoangdat @chibenwa

[chibenwa]

Simple and efficient. Thanks!

[hoangdat]

@Arsnael @chibenwa One question: any problem if man-in-the-middle can change this header?

[Arsnael]

This header is set by the backend when it receives the email and treats it. If man in the middle sets it up it would be overriden when treated by the back anyways, and probably would fail because it has been tempered in the first place

[chibenwa]

Please document that the header shall be removed as part of the delivery chain.

@Arsnael we can create a tmail backend ticket to remove this header in all default confs, deployments. Can you take care of it? Thanks!

[Arsnael]

Please document that the header shall be removed as part of the delivery chain.

Well except if you use the smime verify signature mailet in the chain like for MU, correct? Or you want to delete it at the entry of the chain and do a verification behind?

[chibenwa]

No we should always unset it now when using tmail front so pkease remove everywhere

[Arsnael]

=> https://github.com/linagora/james-project/issues/5239

[Arsnael]

FYI work has been done for this on the backend and the smime check signature mailet has been deployed on tmail.linagora.com with the CA cert from MU.

@hoangdat I guess your team can start working on this now, and that you could test this with on-commit env? Or do you need it deployed somewhere else?

[Arsnael]

I see your team worked on that but it's not been merged into master branch, thus I can't check with the mail I tested with from MU on the oncommit env

[Arsnael]

@hoangdat @chibenwa I tried to do a little recording with tmail front (canary) and smime check signature configured with MU CA on our prod

https://github.com/user-attachments/assets/545a44ed-c775-421c-af5a-22088c593e4a

Would that be enough?

[chibenwa]

Yes indeed it is!