Signed emails (not encrypted) sent with attachments from Outlook are arriving with smime.p7m file
Posted on 2009-05-13
I have scoured the internet in search of a solution but can't quite seem to find anyone coming across the same issue as I am.
1. All of my users are either using Outlook 2003 or Outlook 2007
2. We have Exchange 2007
3. Some users (not all) have a Verisign certificate for secure email communications which is used inside and outside of the company.
4. Outlook security/certificate settings are verified to be correct.
-"Add Digital Signature to outgoing messages" is checked
-"Send clear text signed message when sending signed messages" is checked
-"Encrypt contents and attachments for outgoing messages" is UNCHECKED
-"Request S/MIME reciept for S/MIME signed messages" is UNCHECKED
-Users Verisign certificate is selected for encrypting and decrypting messages.
5. Only one verisign certificate for the user is installed in Outlook and Internet Explorer and is the correct one.
NOTE: Not all digitally signed users are having this issue:
A user sends a SIGNED (not encrypted) email that will include an attachment (usually pdf or word doc). The recipient recieves the email and can read the body of the email however the attachment originally sent is replaced with a file named smime.p7m (not .p7s which would imply that is was signed.) These recipients are getting thier emails through different mail clients, mostly outlook or othe SMIME compatible clients. Some recipients have signed certificates of thier own and other may not. This should not stop them from recieving a simple signed email (not encrypted).
The email itself shows the Red Ribbon noting that the email is signed and verified.
What outlook seems to be doing is sending a signed email with an encrypted attachment.
If i've left out any details, please ask. Is there anyone who might have a clue to what's going on?
Just a side note, this all started when we recently took stand-alone desktops and joined them to our new domain, we then had to re-create the certificates from Verisign and re-install then om the machines because the original certificate would not work because of a difference in the machines ID causing the certificate to become invalid.