check_encrypted too strict, doesn't work with K-9, for example

[teythoon]

chatmail was pitched to me as allowing encrypted outbound mail, and working with clients other than delta.chat. However, when I tried to send an encrypted outbound mail using K-9, it was rejected, saying that the message is not encrypted when in fact it was.

I believe the reason for that is that the function check_encrypted is too strict and checks that the subject is .... K-9 on the other hand, if subject encryption is enabled, sets the unencrypted subject to Encrypted Message. If I disable subject encryption, and manually use ... as subject, my mail is relayed.

I don't think check_encrypted should consider the subject at all. Looking at draft-ietf-lamps-header-protection-18 it seems to me that there is no fixed replacement string to obscure the subject with, with the recommended default being [...].

[missytake]

Unencrypted mail is prohibited because we want to avoid spam, more specifically sending unwanted content to people whose public key you don't know. The subject is a message part which is typically shown in the recipient's UI, and therefore interesting for spammers, that's why we want to avoid showing it.

I suggest to also allow Encrypted Message and [...] as subjects in check_password(). This is still stricter than what the header protection standard allows, but the goal here is not to follow the standard but to make open-signup chatmail servers unattractive to spammers.

[teythoon]

It occurred to us that chatmail could simply normalize the subject to [...] instead.

[hpk42]

On Mon, Feb 05, 2024 at 07:36 -0800, Justus Winter wrote: chatmail was pitched to me as allowing encrypted outbound mail, and working with clients other than delta.chat.

We don't guarantee other clients work. If there are small things to make it work for other clients, that's fair game, however. There is upcoming work to provide Delta Chat Core<->Chatmail integration so that settings such as automatic message-removal and e-mail routing policies can be set from within the app. See #185 There is, for now, no plan to add a web-interface like typical e-mail providers offer.

I believe the reason for that is that the function `check_encrypted` is too strict and checks that the subject is `...`. K-9 on the other hand, if subject encryption is enabled, sets the unencrypted subject to `Encrypted Message`.

Is this `Encrypted Message` subject localized? If not, wouldn't it rather make sense if K-9 also used "..."? The "..." subject was at some point discussed by Autocrypt folks, including Patrick and Vincent IIRC, and was commonly agreed to be the best choice as it does not need any localization (which is tricky, because sender-localization might be different from receiver-localization).

[hpk42]

On Mon, Feb 05, 2024 at 15:10 -0800, Justus Winter wrote: It occurred to us that chatmail could simply normalize the subject to `[...]` instead.

do you mean we could overwrite the clear-text subject to "..." when we find a valid PGP-mime structure? I am not currently using K-9 -- could you try to provide a more precise algorithm or a PR for making K-9 work, or, failing that, provide example full-source K-9 generated messages that are rejected by chatmail?

[teythoon]

On Mon, Feb 05, 2024 at 07:36 -0800, Justus Winter wrote: chatmail was pitched to me as allowing encrypted outbound mail, and working with clients other than delta.chat.

We don't guarantee other clients work. If there are small things to make it work for other clients, that's fair game, however. There is upcoming work to provide Delta Chat Core<->Chatmail integration so that settings such as automatic message-removal and e-mail routing policies can be set from within the app. See #185 There is, for now, no plan to add a web-interface like typical e-mail providers offer.

I don't think I have asked for a web interface.

I believe the reason for that is that the function check_encrypted is too strict and checks that the subject is .... K-9 on the other hand, if subject encryption is enabled, sets the unencrypted subject to Encrypted Message.

Is this Encrypted Message subject localized?

I don't know, I am not a K-9 developer.

If not, wouldn't it rather make sense if K-9 also used "..."? The "..." subject was at some point discussed by Autocrypt folks, including Patrick and Vincent IIRC, and was commonly agreed to be the best choice as it does not need any localization (which is tricky, because sender-localization might be different from receiver-localization).

I'm the wrong person to suggest this to, I am not a K-9 developer.

On Mon, Feb 05, 2024 at 15:10 -0800, Justus Winter wrote: It occurred to us that chatmail could simply normalize the subject to [...] instead.
do you mean we could overwrite the clear-text subject to "..." when we find a valid PGP-mime structure?

Yes.

I am not currently using K-9 -- could you try to provide a more precise algorithm or a PR for making K-9 work, or, failing that, provide example full-source K-9 generated messages that are rejected by chatmail?

Sure:

Date: Mon, 05 Feb 2024 12:22:17 +0100
From: Justus <[email protected]>
To: REDACTED
User-Agent: K-9 Mail for Android
Message-ID: <[email protected]>
Autocrypt: [email protected]; keydata=
 mQGNBGWNXoMBDAC+D3Na6zJX8d8NEIIoYqcGsOeJCtPs4DZIE8x4nVIRewwG6+CU0/Su8J1sdNL8
 InVYnE0DUnRfL9RpT/6oHPsbuN8Yo/xyZbc6Df0MgstrbkiIpIb6YdpMB9vnS9phpTDXuVXwOdb+
 Q8woi46bZ4jdCm1x/5zW8e2fbahHSSFjDYTKydu3SVTeKPNVdHv9gG7SNQy0emOCP7NXxloi8+aR
 4fbgfWpm6yb/pJFDH6jmPZ8LK228qXqSv6urquaCu/yD4S+XR/DvGqj2lA/ntvNhDOjrK4gWt5EA
 4djfnTK6z/vt/IkSSca5ITjcbyPBpXnId896NQk76sAdG+K+mJGMJn9YahoI4UvISfCp/B5Fw3Bq
 5NmeL5zKN14R5AW5E/Y2J693MJ+VubRoB3VR/RZi5ZeEd1aLkxhqITv6m8FRXrSpC6fIhbqAZGmm
 91OAAVNn5/MqaAaWJ5iUKGlNJrDFHVBXEpNah24FEoe6olNiBDNnWJ9tqOmZIiIDPCl8FIEAEQEA
 AbQadHF3ZXJ0eWpkQG5pbmUudGVzdHJ1bi5vcmeJAbAEEwEKABoECwkIBwIVCgIWAQIZAAWCZY1e
 gwKeAQKbAwAKCRDtNhlhxu8KoFcjDACfMwEEuEStLsY8Wo/r/mmhZKLjgwRgdcVV7sFpksgk+Myy
 UyL5VUEi9KVd4lKWNqDSi9S67lW+6hwf/kUrycVIT5AA0i8ZXdtroUpkUIwMOaSEfGpUhPI/kQbz
 wqYJYES1XPqtpUmL4WR+52CHwtEeKZp+jiKnSNeh1QocBYjld0617dpb6XnAVl+69sQUHioxX7Bu
 c60CuABcFw78/9hvzX37NC7mvP1vbYS7iEze5p2CUweKtrnnDJpi+oBLAucKQRErIUfJUV/XFdE4
 j4m+NWAtcnyRVx3WruEWW+fzzb7+fc3fwV8pGCUcD4cb/Bzssg3LVLQiBENRXTmTc5RFxQXWbZae
 5f6VLAkVEdoxOMVT2dCjLbwo1nPl9emTTIneRLjLX/cTNdbVZuq/Kv/SoXa05ayljSlZmrCF8k3x
 zESSeJLrrHkoSPoXECeAJbZyMYmOxZPZChVQhUCxDBAR9wzJmLoHBxoDxYMq16S+Ws4Z+lR2cHj2
 4lFAMIzCKsy5AY0EZY1egwEMAIkCo235tKDEUjcW8w77AHFf6+W0183E7US8ze3C8T3UUDsh1nQn
 h+nZFOnKBRNQHUwRzWgV0ZQmllTrZt67fHOwywqHtaQMe90cZXbvhVoTzehw3B9bYT1j/24LDMy/
 /eQBZuQeSlcLD6+BC0ro7EGxn5T24CAsmMjrI2ppjgZFlcXo9bA+Xp6rI/HX8AQgWbbegtGnSIDB
 K20+e+xWANaWUsSBhIwsx2qz0IEq+RER60Zd1xZ41acVyNbDHNocEBnfzOF4GXRAz4M/v9l7ABep
 21ALLC/OOKuC8cZDeY+HAbJ0qxggh//+ucpfBF0poOQDJzfNaOGysfn/0NGfxRVbFJc8fNc9P5+K
 fnjm4RdNkwQRXQeQfqPU9a4AlAH5vl8zHabyYIJUUtP+b7VF6VPfSVzJ+h4BPPIVS/TqKQM6HShX
 rGs9/DcXfDfcIXxhAfo2M+VKkrlunBev0OrhIDLNn5IigNIa78ZN9cZ/3SZVTfOzFnFuFtnO50tv
 q5OpvQARAQABiQGfBBgBCgAJBYJljV6DApsMAAoJEO02GWHG7wqgwnQL/ijcTiKNO2Cw4pvgggbL
 8e2mgXCQn0aNufbYeylGdX/BP2SMRku5OubjESU0oMVx/Hhy19UkUFhCuOeouSNsbTd6w8Ou+nkh
 6bs4KJvhMUFVQe6dE8Reci3EoImcTxV9nqWuvhdXkPddht9Pa5PoRpJlpWxHKpMfrPwWtbW/J8qn
 dnnc+x9FqxLVY+Z75GbrrMI/I2ClvbfgMnOGQxyZRhcPesiaMyp4bYbX3zxrIZXSG68CQERiMXk8
 UAeZFPgnm4Hh0rP5cn9enn8tj67ruFsEAU3YMi7eOVOSFlamjH0PTVr3ztdoMathEL7n1s5ksk5b
 Rgo0SgQy4OgApJIB0B16Zhcd66I4sTZLb2RRkFO9uHDFIOuJGTqYfR3ZjWlEftfxW80g7uLZYwfW
 gzMOEa9jSZpfWpiWDYfVYcHqQTOAoyc1ndwJno/4pO+kRmYoIUaoBqNqiqNtnTl9eiJHcb8kuaxa
 PP5Qy9N6C2QONUAb4aFBPe0cYXQ6AUnOqBmd3w==
Subject: Encrypted Message
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: multipart/encrypted; boundary="----GAXGEBIG1Q6UA7H3D91DE8MM3Q54OF";
  protocol="application/pgp-encrypted"

------GAXGEBIG1Q6UA7H3D91DE8MM3Q54OF
Content-Type: application/pgp-encrypted
Content-Transfer-Encoding: quoted-printable

Version: 1
------GAXGEBIG1Q6UA7H3D91DE8MM3Q54OF
Content-Type: application/octet-stream; name="encrypted.asc"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline; filename="encrypted.asc"

-----BEGIN PGP MESSAGE-----

hQGMAzhWohyp3KpBAQwAp76KkR97c29iXj6XwvYIom2c5jx9tNWBKR4t/oz1ltuh
LR2NUAOxL2dNxBY8AFlFK8G6nWwDt29nOQhmPCSImI/WcG0NqIzZ3Sc+fTbBvnPy
ne62g686UoE9la7qBSlNo0loQaJOBJ1MnFiVJ8o/p49TV1QoLAxXcaHp9eCs1lDa
g+wWAxnoCANvPKQLTyDKHC98VBXeiNZuJuXK+yVcLojo/4Bd32py/a2eOKZcQMXs
DGYZrL5ldphApUlD0R8cNjUA6AfIfwf6kBvN9GgacRFOLUMtP5/7CoYmZJd4ia8o
8T1WjqlNZtwVcWLRe36Ry9aatavYhjtn5FPr7E/RO9BB0kDYMR5HkaT+WZgDQV1V
/yaWzPSTP9tuCb4ZWz9St5K2zEcoTKpGbNwmX9YLr0tbcym+nLo6kB8ikD2nN3of
d5aoDeKutoecMLGIF9pseJAGVkHqKj6FQ/kYYrKDlsA0kqvHuSHj/tI2ANB60TME
diEy6e+wOn/V+Aq7AImphQGMA+7z+cqPiMawAQv8DtpHdiBdRkW85ZURmEsQQUKy
6PsMqtRXE/kqU4O1HVyUWsUknDNtbziQDpmcfv1FZzJryLgrHNYbObgsbCgGJ/Ru
3ahQwOkcHV6lzDZCwYs7QjYLAuw8SvWIISvqYOCHS0x/T0b/kjr3Gl+RJSvt78WW
YhO0R9z/JagTn+uiHjbmAtN2yJyyk5AfLySZ7gixMkkUlz87AAHVpwopNXdzsJKP
Qa4Kkc2BUWDCz9JLNEc8U2XmMXLEiXxOBKuvCaDqLnPORP2I7PZnXwyanB8ti10h
Li3U5R5+/n4TmQwF3e7lbJSpkZAPxBrRNxwASqa5nzm90/SWpYhkZBgWder1vFJA
rGOK7zOXFYxG6/SsRhftJPW8RC4MM5icK5Au+uUfA3Idosq49tZirjx6t9hdEjDK
bh1Xj5EbJj78q8LqZhpd3SZD2jFa7TKrfGgtxujEujUtojf/VEcAmwKtxkuP7T12
OktKIZ3BmeRiUfQVrPUoi/Y/VgBIj9wWQaDuh4QX0sJjAWigCK6gOWqYtWUEjVtL
PeJB7ZMTTsivKxSS0/uhOap3Ur7nq8vofCY5g60uSAPXsbjIH/ZEAIbS2Stw+pxu
PzG43YLXuvIOClmQ5iJtjPriUcXAWgf2/Ntcev3pIyuCvKHdrKCDADq871SWUyKj
1/qmw4YNvGVVfmys1d77KO+TGZeKm5j9XhmJ8WJGw2g8uFKEj9IeZlfPNmhF2dtL
xVjl/lrJPsZPepzh2MOHh78lHD9zq4voAPog2FXogBiZ4xKWVXPswiqOnHwFe9dn
yOo3cM6dWKXDhOHWK6a8dF9NQ2Q7RrHlXrXwbfeS7ZQ9llXRa0auPkRQKK0XzdhK
5otAcu0x65aw40hWOTboJR4AN3ypf8okLLN4fnB1kKaVIdMoWlYdTot3ezt0vy99
cqpKH6/w6pzxRufezW11bxBFYEPnFzhoblN2VuChPFY2nleiifBS+aaKt2EzF1q5
iL+dfvJupFXQtKyk8mLBB1QKl/qnBIAJchCeJET4xMpWvAhnluLbT9NO3G1uvN11
U9ZWi9yhZbYxCubYdVYmI6ZD0NIOxV5kTLdRbWm+Ctz+Lm3I/8bO68J73qqKWbYQ
rNEhj8QUAmKCdrFGufKp7t7wjgSG+h4/U5Xb+/glPuNgVF110BgbgUaAPGvttQO6
M+QnelZeb4B525Gj7VYDDVcrEjKDK2kXidxfo8nKN3HFM+eU1cWBJqtJHJXbZ5XZ
d1pmDypu3O8gOs/re1AVdYdGDou8axCC/yTTwbbbgNFxp88CBUe/Xzoaky4ZKunQ
Q3rlpD9ayzE7Lp0NvxH90pQWsxDCEkJaADbwcbYtOmvoR1uUAfo2NwWuITG70iFz
v0lqoiezn7D2J9XutpASQQInJus0gvy0ywjh3XirSoeZ2D4l6XcGMJjz7XNjzfnc
B4lmHQiGbKsfkPyLdPNkobUHjA2TzyEqxs/tAyMSypo9UwNiGsn2NdMs7oif/xiQ
X+/e2t5Rm+AJk9U7QYPN8o++px+JDZ+r3PkVAWW4c9rHgzf98Lo6pbt5h4eBrt/X
MrxVY64iHOwasTdMu9F+fv8+akI=
=Dj6B
-----END PGP MESSAGE-----

------GAXGEBIG1Q6UA7H3D91DE8MM3Q54OF--

[hpk42]

i started a PR at https://github.com/deltachat/chatmail/compare/allow_k9_encrypted_subject?expand=1 but then went to look in k-9 source and it localizes "Encrypted Subject" ( https://github.com/thunderbird/thunderbird-android/blob/main/app/ui/legacy/src/main/res/values/strings.xml#L1064 ) so we can not reasonably detect it, especially since we want our focus on chatmail/deltachat usage for the time being.

Overwriting the subject because it contains a valid pgp-encryption body mime structure i consider too surprising to users.
If that means that chatmail can not be used with K-9 for now that's ok. Given that the nine.testrun.org web page says "Dear Delta Chat users" a the top i don't think we need to document/explain extra that k-9 is not supported.

thereby closing this issue. Thanks for reporting anyway, and if needed we can revive the branch, and/or talk to cketti some time (as far as i see they are pretty focused on doing a first thunderbird/android release with unclear ETA)

[dkg]

Seems like this concern should at least be reported to k-9/thunderbird-android, so i've done that.

[dkg]

See also #370