This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Thunderbird claims mutt's S/MIME signatures are invalid

  • 3 replies
  • 1 has this problem
  • 25 views
  • Last reply by Matt

more options

When I write an S/MIME signed (and possibly encrypted) email with mutt on Ubuntu 14.04 I can read this email fine with mutt or Apple Mail; both say the signature is correct. But when I read the mail with Thunderbird, it complains "This message includes a digital signature but the signature is invalid. The signature does not match the message content correctly. The message appears to have been altered after the sender signed it." When the mail has been signed and encrypted with mutt, Thunderbird *can* decrypt the mail but still claims the signature is invalid.

Thunderbird accepts signed mails written with mutt on Ubuntu 12.04, though.

When I write an S/MIME signed (and possibly encrypted) email with mutt on Ubuntu 14.04 I can read this email fine with mutt or Apple Mail; both say the signature is correct. But when I read the mail with Thunderbird, it complains "This message includes a digital signature but the signature is invalid. The signature does not match the message content correctly. The message appears to have been altered after the sender signed it." When the mail has been signed and encrypted with mutt, Thunderbird *can* decrypt the mail but still claims the signature is invalid. Thunderbird accepts signed mails written with mutt on Ubuntu 12.04, though.

All Replies (3)

more options

The issue here is that the mail has been tampered with, not that the signature is invalid. So really the issue is that something is changing the message content post signing. Got an anti virus that sticks a scanned by tag in the mail perhaps, or decrypt's the mail to scan it?

more options

No, the virus scanner on our mailserver adds header lines but does not change the mail contents.

I've just created three fresh virtual machines with Ubuntu 12.04 precise, 14.04 trusty and 15.10 wily, added Postscript and mutt, and sent from each VM a similar S/MIME-encoded message to my account on our department's mailserver. Thunderbird accepts the mail from the 12.04 system but claims that the mails from the 14.04 and the 15.10 system have invalid digital signatures.

Both Mutt and Apple Mail accept all three mails' signatures as valid.

more options

lets have a look at the message source both from your sent folder and the received email.

As this forum makes a total hash of HTML and email source generally email them to me. Save them as TXT or DAT files to stop the google police blocking the attachment and send to unicorn dot consulting