Signed emails (not encrypted) sent with attachments from Outlook are arriving with smime.p7m file

Hello All,

I have scoured the internet in search of a solution but can't quite seem to find anyone coming across the same issue as I am.

1. All of my users are either using Outlook 2003 or Outlook 2007
2. We have Exchange 2007
3. Some users (not all) have a Verisign certificate for secure email communications which is used inside and outside of the company.
4. Outlook security/certificate settings are verified to be correct.  
       -"Add Digital Signature to outgoing messages" is checked
       -"Send clear text signed message when sending signed messages" is checked
       -"Encrypt contents and attachments for outgoing messages" is UNCHECKED
       -"Request S/MIME reciept for S/MIME signed messages" is UNCHECKED
       -Users Verisign certificate is selected for encrypting and decrypting messages.
5. Only one verisign certificate for the user is installed in Outlook and Internet Explorer and is the correct one.

NOTE: Not all digitally signed users are having this issue:
A user sends a SIGNED (not encrypted) email that will include an attachment (usually pdf or word doc).  The recipient recieves the email and can read the body of the email however the attachment originally sent is replaced with a file named smime.p7m (not .p7s which would imply that is was signed.)  These recipients are getting thier emails through different mail clients, mostly outlook or othe SMIME compatible clients.  Some recipients have signed certificates of thier own and other may not.  This should not stop them from recieving a simple signed email (not encrypted).

The email itself shows the Red Ribbon noting that the email is signed and verified.  

What outlook seems to be doing is sending a signed email with an encrypted attachment.

If i've left out any details, please ask.  Is there anyone who might have a clue to what's going on?

Just a side note, this all started when we recently took stand-alone desktops and joined them to our new domain, we then had to re-create the certificates from Verisign and re-install then om the machines because the original certificate would not work because of a difference in the machines ID causing the certificate to become invalid.
Who is Participating?
JBoslooperConnect With a Mentor Author Commented:
I believe I have figured out the issue.  It goes back to a problem where these users had lost thier certificates and had to revoke the old ones and regenerate new ones.

Because the users on the other end have the old certificate stored in thier outlook (right-clicking on the contact and add to address book) the remote user is not able to open the attachment because the certificate is not matching and the users have not initially exchanged the new certificates yet.  

After tracing down all of the users that were having the problem it seems we have solved it by having both users update thier certificate information with each other.  
ParanormasticCryptographic EngineerCommented:

Do you have some kind of exchange plugin (antivirus, compliance software, etc.) that adds a 'scanned by...' message tag?
JBoslooperAuthor Commented:
Thanks for the link Paranormastic.  I'm not sure that the problem listed in the kb article matches up either.

We are running Symantec Endpoint 11.0.4, however I am not sure if these machines have it installed just yet because we are in the rollout process of the program.  I will need to go over and take a look, but I do know that we are not enabling the email scanning portion of the program since our server runs Symantec Mail Security.  Do you think Mail Security could be stripping something?
ParanormasticCryptographic EngineerCommented:
It might be... sorry I'm not more familiar with the nuances of that specific product and an issue just popped up so I can't do my normal digging around today.  Does it add a tag at the end of the message saying it was scanned before passing it to the user?  Might try contacting symantec to see if they might know one way or the other.  They may be stripping something or adding something - either way it woudl modify to break the sig.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.