How to use openssl smine sign the email body only

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi there,

I created a script to use "openssl smine" to sign emails in Postfix. 

The script is running the command below.

openssl smime -sign -signer /etc/letsencrypt/live/mail.xxx.xxx/cert.pem
-inkey /etc/letsencrypt/live/mail.xxx.xxx/privkey.pem -in $MESSAGEFILE -out
$OUTFILE || { echo Problem signing message; exit $EX_UNAVAILABLE; }

The $MESSAGEFILE is email content and $OUTFILE stores the output signed
email file. The script is running without any problem and email can be sent
to mail box. But the problem is smine signed the whole email included the
existing headers. 

So is there a way to let smine only sign the email body?

Here is the email signed by smine.

*Received: from mail.xxx.xxx (unknown [xxx.xxx.xxx.xxx])
	by mx21 (Coremail) with SMTP id R8CowACXTp+M2CZdostiCQ--.63511S3;
	Thu, 11 Jul 2019 14:34:56 +0800 (CST)
Received: from mail.xxx.xxx (localhost [127.0.0.1])
	by mail.xxx.xxx (Postfix) with ESMTP id A0C2AC149A0
	for <receiver@xxxxxxxxx>; Thu, 11 Jul 2019 16:34:48 +1000 (AEST)
MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature";
micalg="sha-256"; boundary="----B0D2B6501759DF22E6B9827580C1C8D1"
X-CM-TRANSID:R8CowACXTp+M2CZdostiCQ--.63511S3
Message-Id:<5D26D898.876B91.32184@xxxxxxxxxxxxxxxx>
Authentication-Results: mx21; spf=pass smtp.mail=sender@xxxxxxxxx
	soft.com.au;
X-Coremail-Antispam: 1Uf129KBjvJXoWxWr47KFW7ArW5JF4UurW8Crg_yoW5Ar1kpF
	W2g3sFkr1kZF1Iyas7ArW8WrySvrn8Kr48Gw1DK3yUAws8uryjkF1rtw4UKa9rGFWxX3yY
	ga1jqasruFZ0qrJanT9S1TB71UUUUUDqnTZGkaVYY2UrUUUUjbIjqfuFe4nvWSU5nxnvy2
	9KBjDUYxBIdaVFxhVjvjDU0xZFpf9x07jmc_fUUUUU=
Date: Thu, 11 Jul 2019 14:35:04 +0800 (CST)
From: email_marketing@xxxxxxx

This is an S/MIME signed message

------B0D2B6501759DF22E6B9827580C1C8D1*
Received: from localhost (localhost [127.0.0.1])
	by mail.xxx.xxx (Postfix) with ESMTP
	for <receiver@xxxxxxxxx>; Thu, 11 Jul 2019 16:34:48 +1000 (AEST)
X-Virus-Scanned: amavisd-new at xxx.xxx
Received: from mail.xxx.xxx ([127.0.0.1])
	by localhost (mail.xxx.xxx [127.0.0.1]) (amavisd-new, port 10024)
	with LMTP id HpBOnD__tFYe for <receiver@xxxxxxxxx>;
	Thu, 11 Jul 2019 16:34:47 +1000 (AEST)
Received: from XXXMail (unknown [52.65.226.31])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	(Authenticated sender: email_marketing@xxxxxxx)
	by mail.xxx.xxx (Postfix) with ESMTPSA id 2A4DBC149A2
	for <receiver@xxxxxxxxx>; Thu, 11 Jul 2019 16:34:47 +1000 (AEST)
DKIM-Filter: OpenDKIM Filter v2.11.0 mail.xxx.xxx 2A4DBC149A2
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=xxx.xxx;
	s=default; t=1562826887;
	bh=zEHSRite2Oj6+gkb5XLOEibTqoyx4wfkxFvtHbrgboU=;
	h=Date:To:From:Reply-To:Subject:List-Unsubscribe:List-Owner:From;
	b=Zo7Rkn89Oe8ekeFfgvtJa/KHdIyI1NeZzyL7XQ8g7c4VIWTVOJC813l44rwAUje08
	 XSnf9HLzrJy4I4suANkrmXNIF6w/UEZ/S1+qoydQE2kmlDql3p9hWDN4t4roGcCrrB
	 wDgdcY4vgvld1kjh6a/sggmr4BiKG4LY0g5OfeqjxX22g1anWCY5fBB6LHrJrmR48V
	 N2eQE+CRJED2ZHjC+rhf83aD4h81jt6OhVNwuIMR2nlMBBdcegibfqCw6lMd3eZrLE
	 iGgHZ6dX/TrU/TZP7rC0B9IvXKcGbfIrw1KZ71McSiVw5U+JtZqa77YT9PErWj5KnS
	 t+J4FVB37jpMA==
Received: from localhost [127.0.0.1] by  with HTTP; Thu, 11 Jul 2019
16:34:47 +1000
Date: Thu, 11 Jul 2019 16:34:47 +1000
To: Kerry Fly <receiver@xxxxxxxxx>
From: email_marketing@xxxxxxx
Reply-To: email_marketing@xxxxxxx
Subject: New T-shirt arrived
Message-ID: <ORDt9z28HeX7Kjig9mfHqz3QrAshMFkHNSeHdTELDY@XXXMail>
X-Mailer: XXXMailer
X-MessageID: ABsLBhQBCAA
X-ListMember: receiver@xxxxxxxxx
Precedence: bulk
List-Unsubscribe:
<http://xxx.xxx/email_marketing/email_marketing_subscribers/unsubsc
 ribe/ABsLBhQBCAA>
List-Owner: <mailto:email_marketing@xxxxxxx>
Error-To: email_marketing_bounce@xxxxxxx
Bounces-To: email_marketing_bounce@xxxxxxx
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="b1_ORDt9z28HeX7Kjig9mfHqz3QrAshMFkHNSeHdTELDY"

This is a multi-part message in MIME format.
--b1_ORDt9z28HeX7Kjig9mfHqz3QrAshMFkHNSeHdTELDY
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

View in browser
ConfigurationSession configuration is stored in=C2=A0Configur=
e=C2=A0under the top level=C2=A0Session=C2=A0key, and a number of options a=
re available:Session.cookie=C2=A0- Change the name of the session cookie.Se=
ssion.timeout=C2=A0- The number of=C2=A0minutes=C2=A0before CakePHP=
=E2=80=99s session handler expires the session. ...
For more information about and how to integrate it inside your applications=
MADE BY ARTUR ARSENIEVClick here to unsubscribe.
--b1_ORDt9z28HeX7Kjig9mfHqz3QrAshMFkHNSeHdTELDY
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

=09=09=09=09=09=09<!DOCTYPE html PUBLIC &quot;-//W3C//DTD HTML 4.01
Transitional=
//EN&quot; &quot;http://www.w3.org/TR/html4/loose.dtd&quot;>
=09=09=09=09=09=09<html xmlns=3D"http://www.w3.org/1999/xhtml"; xmlns:v=3D"u=
rn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-microsoft-com:office:o=
ffice">
=09=09=09=09=09=09=09<head>
=09=09=09=09=09=09=09=09
=09=09=09=09=09=09=09=09<meta http-equiv=3D"Content-Type" content=3D"text/h=
tml; charset=3DUTF-8" />
=09=09=09=09=09=09=09=09<meta name=3D"viewport" content=3D"width=3Ddevice-w=
idth, initial-scale=3D1" />
=09=09=09=09=09=09=09=09<meta http-equiv=3D"X-UA-Compatible" content=3D"IE=
=3Dedge" />
=09=09=09=09=09=09=09=09<meta name=3D"format-detection" content=3D"telephon=
e=3Dno" />
=09=09=09=09=09=09=09=09<meta name=3D"format-detection" content=3D"date=3Dn=
o" />
=09=09=09=09=09=09=09=09<meta name=3D"format-detection" content=3D"address=
=3Dno" />
=09=09=09=09=09=09=09=09<meta name=3D"format-detection" content=3D"email=3D=
no" />

=09=09=09=09=09=09=09=09
=09=09=09=09=09=09=09</head>
=09=09=09=09=09=09=09<body marginwidth=3D&quot;0&quot;
marginheight=3D&quot;0&quot; style=3D&quot;ma=
rgin-top: 0; margin-bottom: 0; padding-top: 0; padding-bottom: 0; width: 10=
0%; -webkit-text-size-adjust: 100%; -ms-text-size-adjust: 100%;&quot;
offset=3D&quot;=
0&quot; topmargin=3D&quot;0&quot; leftmargin=3D&quot;0&quot;>

...</body></html>

--b1_ORDt9z28HeX7Kjig9mfHqz3QrAshMFkHNSeHdTELDY--


------B0D2B6501759DF22E6B9827580C1C8D1
Content-Type: application/x-pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"

MIIIFAYJKoZIhvcNAQcCoIIIBTCCCAECAQExDzANBglghkgBZQMEAgEFADALBgkq
hkiG9w0BBwGgggVmMIIFYjCCBEqgAwIBAgISA2D+gfTao7ImMR5FeJceYRQOMA0G
CSqGSIb3DQEBCwUAMEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNy
...
DXxa77+7AlgOHRJnW0wnk4kUCKTkH74vD8s0TpPsrc7qKZlHLjQO/tkoa/Ea1ogD
kzryl95Vwls=

*------B0D2B6501759DF22E6B9827580C1C8D1--*



--
Sent from: http://openssl.6102.n7.nabble.com/OpenSSL-User-f3.html
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux