9 Replies Latest reply on Jul 18, 2014 11:38 AM by danielsch

    PGP decrypted mail subject missing

    danielsch

      Hi,

       

      we used PGP decryption at the Ironmail 6.7.2 and now at the MEG 7.5.2. I imported the PGP certificates from the Ironmail into the MEG.

      Incoming mails get decrypted but the subject get not restored. The PGP mails we are get are the same like the Ironmail processed. There must be a subject in it.

       

      I found the KB77266:

      Environment

      McAfee Email Gateway 7.x

      Problem

      McAfee Email Gateway (MEG) 7.x offers S/MIME and PGP encryption. This allows the secure transport of email messages between the encryption MEG Appliance and decryption MEG Appliance (server to server encryption). When you capture a secure message that was encrypted with S/MIME or PGP by MEG Appliance, you see that the email headers in the original message such as Subject and To do not exist.

       

      Solution

      This is expected behavior. The S/MIME and PGP encryption features of the MEG Appliance are for server to server encryption and are intended to secure potentially sensitive messages during transport across the Internet. The MEG Appliance encrypts the original message into either S/MIME or PGP payload removes the top level headers. The original headers will be restored when the decryption MEG Appliance decrypts the original message.

       

       

      It looks "The original headers will be restored when the decryption MEG Appliance decrypts the original message."

       

      The MEG it doesn't restore the subject?

      Or is there some things I missed at the PGP configuration. I done the KB76387 for configure PGP.

       

      Daniel

        • 1. Re: PGP decrypted mail subject missing
          danielsch

          Hi,

           

          no one has a idea?

          I open a ticket at the McAfee support and come back with their informations.

           

          Daniel

          • 2. Re: PGP decrypted mail subject missing
            danielsch

            Hi,

            use someone PGP encryption at the MEG at all?

             

            I have a ticket at the Support open, but it takes ages to get forward with this.

            Maybe it helps to get some ideas what it can be, when I share some informations about my troubleshooting in this case at the community in parallel.

             

            Some facts about this:

            We use Lotus Notes e-mail client and server, but the encryption and decryption is done by the MEG only. Also the encrypted mails we get are build at a Lotus Notes e-mail client.

             

            To figure out, that maybe the e-mail format is the problem to "render" this e-mails in PGP I tested with Thunderbird (24.5.0) an Enigmail (1.6).

            Then, are outgoing e-mails get encrypted correct with subject, but incoming e-mails don't get reconized by the MEG and so they go through the MEG and ending encrypted at the Inbox.

             

            The conversation log doesn't help, so I will try to get some more informations via the debugging.

             

            Any further help is welcome, to troubleshoot this behavior.

             

            Daniel

            • 3. Re: PGP decrypted mail subject missing
              dolphinmc

              Hello danielsch,

               

              I'm experiencing the same issue with S/MIME. The subject is lost. Opened a ticket. Will keep you posted.

              • 4. Re: PGP decrypted mail subject missing
                danielsch

                Hi,

                my ticket is still under investigation. At the moment this issue is forwarded to the development team.

                I will keep the community updated too.

                 

                Daniel

                • 5. Re: PGP decrypted mail subject missing
                  danielsch

                  Hi,

                  I got an update from the support team. It seams now, this is not longer a bug!!

                   

                  That's the information I got:

                  At the time when the product spec was being put together for MEG-7.0 the product spec did not identify any third-party server-to-server S/MIME & PGP (neither of which are formally standardized) products with which we needed to interoperate.

                   

                  As a consequence engineering produced what we considered the simplest and most secure implementation.

                  Therefore the issue you reported constitutes a feature change, rather than a product defect. MEG is working as designed.

                   

                  I opened a Product Enhancements Request (PER). Will see what's happen now.

                  The workaround I be told is not really an option for me. At the moment I have no idea how I can bypass PGP encryption at the MEG.

                   

                  Daniel

                  • 6. Re: PGP decrypted mail subject missing
                    danielsch

                    In the meantime I setup a workaround for our environment. I installed a different PGP appliance and reroute all the encrypted traffic to them. This PGP gateway works perfect with all 3th party servers/clients.

                     

                    I'm not sure when McAfee will provide a usable PGP function. At the moment it is not more then a nice line at the white paper!

                    I opend a PER (28476) at the 23th of June and this is still in state "Not yet Reviewed". I believe there will be no progress in the next time.

                    • 7. Re: PGP decrypted mail subject missing
                      dolphinmc

                      Also opened a PER. Case is also still open.

                       

                      @danielsch: can you tell me what you used as a workaround? Maybe I will try the appliance also.

                      • 8. Re: PGP decrypted mail subject missing
                        danielsch

                        We use the CipherMail Email Encryption Gateway http://www.ciphermail.com/gateway.html for PGP only, but I believe the S/MIME is as easy as the PGP too.

                        It's running under VMware.

                        • 9. Re: PGP decrypted mail subject missing
                          danielsch

                          Some news from the support about the fix for PGP:

                           

                          This is currently planned for the next release of MEG software (7.6 Patch 3 and 7.5 Patch 4).