From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp12.migadu.com ([2001:41d0:403:4789::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms9.migadu.com with LMTPS id zLEBAz8zr2QIXwEASxT56A (envelope-from ) for ; Thu, 13 Jul 2023 01:11:59 +0200 Received: from aspmx1.migadu.com ([2001:41d0:403:4789::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp12.migadu.com with LMTPS id kFY1Aj8zr2QAQAEAauVa8A (envelope-from ) for ; Thu, 13 Jul 2023 01:11:59 +0200 Received: from mail.notmuchmail.org (yantan.tethera.net [IPv6:2a01:4f9:c011:7a79::1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 260154738B for ; Thu, 13 Jul 2023 01:11:56 +0200 (CEST) Authentication-Results: aspmx1.migadu.com; dkim=none; dmarc=none; spf=pass (aspmx1.migadu.com: domain of notmuch-bounces@notmuchmail.org designates 2a01:4f9:c011:7a79::1 as permitted sender) smtp.mailfrom=notmuch-bounces@notmuchmail.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1689203518; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type:list-id: list-help:list-owner:list-unsubscribe:list-subscribe:list-post; bh=AzTEmQa+8G2hAtqgLLmwtd//dC0somKesXSnavMUPOs=; b=iVEI6iaPhl6eBzeCe9JnIlVUJLdqzd4zRVWVmwXCXxR+0crVV0csZIFNE6D1KJrj5rhvgJ uoPRm1tIsfVRyWUfG33HelQbU102FeUsoyVTeHH1KBahxW8kg/66Nb1/sI5Vin+rclVTat 4vRzVpdO9vidVnP5LD6j6lHF6tOk63RBR1PpjnwPzdU0MRFXjjyKzGapO2mmyzHr9ZkaO7 ybiMncdm94iMTqtqwGpo6qmf5/xcl9ySTjQXHwEwQF2JXkDNhtigAuK7T/CST+w+eKDhTQ I8pNYxuPKMWivtOvyInkM60HpRDOmtMCAFqPlWAx2XUhaI0ja3MDjIgEGvS3Fg== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=none; dmarc=none; spf=pass (aspmx1.migadu.com: domain of notmuch-bounces@notmuchmail.org designates 2a01:4f9:c011:7a79::1 as permitted sender) smtp.mailfrom=notmuch-bounces@notmuchmail.org ARC-Seal: i=1; s=key1; d=yhetil.org; t=1689203518; a=rsa-sha256; cv=none; b=GI2ARkGyezNwcfD8zzWcl10AELOyOnGbwgkmS2V55DNST0qK5aBB7sW/9eCsCXIIyc4f6L dlMES7RkjcJzBS0KAHeX40cv9YWStOyPScK9oxPTJv1fnAbgv6Wr9UtUozB7x1T4RMp3dA sEikoXFSVu0P1lYmeoQASwEm4r0ZHCzrms5s+uD7beF7U9xk8ysyCAcRTCU3MaL3wpQE7u oDYz/FKg87986ivg8XFOuxaA+62CebhoSt2uITUI6zUrdD1fcZvo3c8EQn+8UrjWuJoQg1 FweRUcRnGKsyqLW6ET47Yc+VG3MIhPYzvYcWsIOmttBbd89KfmESP4jidEGIpQ== Received: from yantan.tethera.net (localhost [127.0.0.1]) by mail.notmuchmail.org (Postfix) with ESMTP id BBCCB5F6D2; Wed, 12 Jul 2023 23:11:51 +0000 (UTC) X-Greylist: delayed 442 seconds by postgrey-1.36 at yantan; Wed, 12 Jul 2023 18:34:54 UTC Received: from bbox.sascha.silbe.org (bbox.sascha.silbe.org [46.38.230.149]) by mail.notmuchmail.org (Postfix) with ESMTPS id 42F5E5F420 for ; Wed, 12 Jul 2023 18:34:54 +0000 (UTC) Received: from twin.sascha.silbe.org (twin.sascha.silbe.org [192.168.1.2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "twin.sascha.silbe.org", Issuer "stunnel Pseudo-CA" (verified OK)) by bbox.sascha.silbe.org (Postfix) with ESMTPS id EEE0A61FDD for ; Wed, 12 Jul 2023 20:27:31 +0200 (CEST) Received: (nullmailer pid 1601145 invoked by uid 71000); Wed, 12 Jul 2023 18:27:31 -0000 To: Subject: PGP verification fails consistently for specific sender Date: Wed, 12 Jul 2023 20:27:08 +0200 Message-ID: MIME-Version: 1.0 From: Sascha Silbe X-MailFrom: sascha-ml-email-notmuch-notmuch@silbe.org X-Mailman-Rule-Hits: nonmember-moderation X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-notmuch.notmuchmail.org-0 Message-ID-Hash: KLCXZ6AAJCNFYGZMFAOMAQO6COCALF73 X-Message-ID-Hash: KLCXZ6AAJCNFYGZMFAOMAQO6COCALF73 X-Mailman-Approved-At: Wed, 12 Jul 2023 23:11:50 +0000 X-Mailman-Version: 3.3.3 Precedence: list List-Id: "Use and development of the notmuch mail system." List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: Content-Type: multipart/mixed; boundary="===============5489715074432367257==" X-Migadu-Country: DE X-Migadu-Flow: FLOW_IN X-Spam-Score: -6.69 X-Migadu-Queue-Id: 260154738B X-Migadu-Scanner: mx1.migadu.com X-Migadu-Spam-Score: -6.69 X-TUID: yZNCaWAsvdfM --===============5489715074432367257== Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" --=-=-= Content-Type: text/plain Hello, signed PGP/MIME mails from a specific sender (using a ticket system identifying as "X-Mailer: OTOBO Mail Service (10.1.7)") consistently fail to verify with notmuch ("[ Bad signature (claimed key ID 0x...) ]"). However the same mail verifies fine in mutt (version 2.0.5) so I expect it to be a bug on my side (i.e. in notmuch) rather than the sender side. Is anyone interested in debugging this failure? I can provide a copy of a failing mail off-list but don't have time myself to dive into the gory details of PGP/MIME verification right now. Tried notmuch 0.31.4 (Debian bullseye) and 0.37 (bullseye-backports); both fail the same way. The commits in git master since 0.37 don't look related to PGP/MIME signature verification. Sascha --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE7Ycc2t6Wt6eY1E5VwY9q6IEw7ZcFAmSu8HwACgkQwY9q6IEw 7ZcoTg/9HgS5T6z+JlSYs3Ik+X/QaeQ1+s1Fnx1X2CceT5b+WhiPdUpVyIaNQHtA TZ4fLdKhF5fDBC+m19rCydWFoQ5jhfz0AAM9kUdzT6tVOkMLa6vQWB3MdxdlREOf bvNzDtIdXke/q/qd58qUphmwN5R+/dTCMiVQe9lWoFxitlawm6iJ8xBrZX1iD76N 0AVoesL+VMwFZGc2IuOPMxuGzvHkHcfBJe8qW5RVy4ZfalV3ynum0XQRp5h2A8Jh nrBYQaCOvjQ0cwTvwtgf071Z0jFT0fbE4x2kECZ7Dcfx6+jcDV5b89x2wsrDtXPF ojxFS6paCYwUsfpmJfigDCNDHd6Ydk082G1Ervm7zg7rnmHLBhIsBIFjleAusVTV 3inhxmIxrcjhLjxbmCbeTyLOWYhloTMJ1AsGRcZw7cLM8MwexLF11D+GHxXtKXI7 ONMT3lLCBrcJzdycYOv8rsal3FD4/izjrbfJMGeS+cS2+dEr6Q2pPmSfojfVvJvc 7AA5uAJfTgEZA/VTjKz/QJHBE9QbWbukHBl6upEALlkDYKxiSIGIQGCaqifB/pSO sCXdGy3FHoq+8cyh3AVY2Z60SSBxpj4vL/lOAJ2ZaoldZiNgnpYvt1eDfObjWUeL u0HpSnsRHqv/DJM+pViRhNWCBLH8H/n8pgJNFvLbYPkU/61Q1p0= =nnwb -----END PGP SIGNATURE----- --=-=-=-- --===============5489715074432367257== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline --===============5489715074432367257==--