[MlMt] S/MIME algorithm

Jan Münnich jan at dotplex.com
Tue Jan 22 11:02:07 EST 2019

Hi Benny,

Apparently MailMate uses SHA1 for S/MIME signatures:
Content-Type: multipart/signed; boundary="=_MailMate_9C9B7CEB-A063-4594-B53C-4CA40977FBE0_="; micalg=sha1;

SHA1 is not considered as secure anymore (https://en.wikipedia.org/wiki/SHA-1). I also noticed that Gmail doesn't verify SHA1-signed messages anymore: 'The signature uses an unsupported algorithm. The digital signature is not valid.'

I don't know if you use a macOS library for S/MIME? A test from iOS Mail used SHA256:
Content-Type: multipart/signed; boundary=Apple-Mail-2496A2C0-AD94-4608-8970-57B8A409367C; protocol="application/pkcs7-signature"; micalg=sha-256


Jan Münnich
jan at dotplex.com | +49 30 20236996-1

dotplex GmbH | www.dotplex.de
Reinhardtstr. 27c, 10117 Berlin, Germany
AG Charlottenburg: HRB 173749 B | USt-IdNr.: DE304968794
Geschäftsführer: Jan Münnich
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3034 bytes
Desc: S/MIME digital signature
URL: <http://lists.freron.com/pipermail/mailmate/attachments/20190122/0c8a10a9/attachment-0001.bin>

More information about the mailmate mailing list