Great point, I considered that too after I authored the original patch. It's a better approach I think. I'll try and give it a test run later tonight. -----Original Message----- From: Jani Nikula [jani@nikula.org] Received: Saturday, 03 Mar 2012, 6:36pm To: Tim Bielawa [tbielawa@redhat.com]; notmuch@notmuchmail.org Subject: Re: [PATCH] Fix mml-quoting in responses where pgp-signing is enabled On Sat, 3 Mar 2012 17:04:22 -0500, Tim Bielawa wrote: > The addition of mml-quote-region (notmuch-mua.el) in 2c6710e3 breaks > automatic signing in replies. When replies are mml-quoted and signing > is enabled by default the "<#part sign=pgpmime>" string will appear on > line 1. This will be consumed during the application of the > mml-quote-region function and transform into the inert string > "<#!part sign=pgpmime>". The result is that responses will no longer > be signed by default. > > This fix moves the point forward one line before applying the quoting > function. > > Consideration: Clients not signing mail by default. The first line of > their responses would be skipped when the quoting function is > applied. This string takes this general form: > > On Sat, 03 Mar 2012 12:55:14 -0800, notmuch-request@notmuchmail.org wrote: > > Because the string is generated by notmuch I don't believe this fix > introduces the possibility for malicious mml commands being omitted > from the quoting. Hmm, would it work to mml quote the reply *before* extracting it from the temp buffer, like below? It would handle not mml quoting the user's signature too. Completely untested... BR, Jani. diff --git a/emacs/notmuch-mua.el b/emacs/notmuch-mua.el index 4be7c13..13244eb 100644 --- a/emacs/notmuch-mua.el +++ b/emacs/notmuch-mua.el @@ -95,6 +95,9 @@ list." (goto-char (point-min)) (setq headers (mail-header-extract))))) (forward-line 1) + ;; Original message may contain (malicious) MML tags. We must + ;; properly quote them in the reply. + (mml-quote-region (point) (point-max)) (setq body (buffer-substring (point) (point-max)))) ;; If sender is non-nil, set the From: header to its value. (when sender @@ -116,12 +119,7 @@ list." (push-mark)) (set-buffer-modified-p nil) - (message-goto-body) - ;; Original message may contain (malicious) MML tags. We must - ;; properly quote them in the reply. Note that using `point-max' - ;; instead of `mark' here is wrong. The buffer may include user's - ;; signature which should not be MML-quoted. - (mml-quote-region (point) (mark))) + (message-goto-body)) (defun notmuch-mua-forward-message () (message-forward)