GO GOOGLE! #E2EE #gmail #SMIME https://workspace.google.com/blog/identity-and-security/gmail-easy-end-to-end-encryption-all-businesses

Does anybody have a good link for a „How to create detailed #thunderbird logs“? I don’t really get how to do it.

I need detailed information what decisions Thunderbird „makes“ in terms of #smime/signatures/verification when opening a mail.

#logging
#foss
#mozilla

E-Mail-Sicherheit bleibt Dreh- und Angelpunkt der Cybersicherheit

#Cybersicherheit #EMail #EMailSicherheit #künstlicheIntelligenz #NIS2 #OpenPGP #Phishing #SMIME #SecurityAwareness #Seppmail #Sicherheitsstrategie #Verschlüsselung

https://netzpalaver.de/2025/01/21/e-mail-sicherheit-bleibt-dreh-und-angelpunkt-der-cybersicherheit/

Hands down the best part about switching away from #Microsoft #Windows and onto #LinuxMint is #Evolution.

Evolution blows #Thunderbird completely out of the water in just about every imaginable sense. If #GNU came out with a native Windows version of Evolution they would blow both #Outlook and Thunderbird out of the water.

There simply is no comparison.

And the best part? #PGP/ #GnuPG and #SMIME support built-in and out-of-the-box! No add-ons or plugins required.

I mean, #Kmail is nice, but it doesn't even come close.

https://en.wikipedia.org/wiki/GNOME_Evolution

Just fixed my private <-> work SMIME encryption (stopped somehow to work some time ago)

Is #SMIME able to use #ellipticcurves ?
For my #PGP keys that's a no-brainer to do, but with openssl doing CA, key, CSR and cert I couldn't get it to work

#AskFedi - I need a new #SMIME #cert for my #email. My old cert has been expired for well over a year now it looks like. Oops. ;-)

Is #GlobalSign still the recommended #CA for globally-trusted SMIME certs?

If not, what CA would you recommend?

#EmailEncryption #EmailSecurity #DigitalSignatures #InfoSec #PKI

After some #Thunderbird update, I've started to get notices about incorrect S/MIME signatures in emails which was previously marked as correct. The error message was obscure - something about an unknown issue.

No quick solution was found. After some time, I've tried again to figure out what is the problem, and this Czech article solved it: https://www.postsignum.cz/files/navody/thunderbird_smime/index.html

Shortly - Thunderbird dropped support of #SHA1 #checksum in #SMIME signatures and failed to provide any human-readable error message in that regard.

I believe it is a suboptimal behavior for a number of reasons:

1. I can't avoid getting emails from this source and can't make them upgrade their certificate, really. I have only a choice either to drop the signature check completely or rely on the substandard check. Obviously, in this situation I prefer rather to see the results of the check and probably some info that it is, actually, substandard.

2. Solving the problem needs to realize it first. An obscure error message is not too helpful.

3. Such incidents actually undermine the opinion about #cryptographic #signature check. If you see some error, your first though is not "it is probably a #MITM attack" but "probably something is broken in the signature check".

The possibility to fix everything is, however, good.

Have you ever wondered what it means when you get an email that is encrypted but not signed? At the very least, it's better than being completely unencrypted, isn't it?

It turns out that's not necessarily the case. I've looked at S/MIME and found that it is possible to construct messages that, when sent to multiple recipients, are decrypted into completely different messages:

https://lutrasecurity.com/en/articles/salamander-mime/

Can you trust what you decrypt? In this article, we look at S/MIME-encrypted emails and exploit them to take the recipients into alternate versions of reality.

https://lutrasecurity.com/en/articles/salamander-mime/

#SMIME in #Thunderbird: Sowohl unter #Windows wie auch unter #LinuxMint kann das verschlüsselte E-Mail zwar entschlüsselt werden, aber die Signatur sei nicht gültig. Ich freue mich, dass ich wohl zum ersten Mal ein verschlüsseltes E-Mail erhalten habe, bin jedoch ratlos, was das ungültige Zertifikat angeht.

Wer weiss Rat?

Ich versuche gerade ein #SMIME #Zertifikat unter #iOS auf meinem #iPhone einzurichten. Einfügen des Passworts aus #Keepassium schlägt fehl (das sei nicht unterstützt), Einlesen ab Kamera schlug mehrfach fehl und direkt Einfügen ist nicht erlaubt.

Vielleicht kaufe ich mir bald ein neues #Mobile…

#Tipp​​s und #Hilfe sind sehr willkommen.

uh oh my second ever support ticket at fastmail has been opened. but i think it's actually a bug in #ios18_1.

mail.app imap server settings don't allow me to use my fastmail username of emory at kvet dot ch. straight up says it's invalid. sending relay configuration (submission 587/tcp) is accepting that username fine so idk. i am going to see if i can force it with a profile.

i have a new #sMIME cert for my email addresses anyway!

Video: S/MIME E-Mail-Verschlüsselung einrichten

Mit S/MIME kannst du auf einfache Weise verschlüsselte und sichere Mails schreiben. Ich zeige dir, wie du ein kostenloses Zertifikat beziehen und in Thunderbird einbinden kannst.

#SMIME #Security #Verschlüsselung #Linux

https://gnulinux.ch/s-mime-e-mail-verschluesselung-einrichten

I am disappointed that on #iOS 18 I still cannot add an S/MIME certificate from another person except when they send me an eMail first. My use case is that I download the vCard, .pem or .cer (or whatever) from site like globaltrustpoint.com #smime #email #encryption
https://support.apple.com/en-us/102245

Neues Feature: mailbox.org führt S/MIME im Webmailer ein

Ab sofort wird S/MIME als zusätzliche Sicherheitsmaßnahme für den Webmailer unterstützt.
#ITsecurity #smime #encryption #ITsicherheit
https://mailbox.org/de/post/neues-feature-mailbox-org-fuehrt-s-mime-im-webmailer-ein

EN:
Unfortunately, I can't find a good entry point for this topic:
How do you implement server-side mail encryption and decryption for s/mime? I use Postfix+Cyrus.

DE:
Ich finde für das Thema leider keinen guten Einstieg:
Wie realisiert ihr serverseitige Mailver- und entschlüsselung für s/mime? Ich nutze Postfix+Cyrus.