Mail server 550 5.6.0 error signing emails

Hi everyone!
First time poster here. Just started using the GpgOL plugin for our on-prem Exchange 2019/Outlook 2019 setup and I’m seeing an error I can’t figure out what to do about.

Sometimes the server reports ‘550 5.6.0 M2MCVT.StorageError.Exception: ConversionFailedException, Content conversion: Invalid S/MIME encrypted message.; storage error in content conversion.’.

I did some testing and what I found is this: it happens when you try to reply or forward a message containing an inline image. So mostly this happens when you try to reply to a message with a sig containing a logo, which is kind of annoying to the users.

I’ve tested using a received mail that contains two images in the sig, if I remove everything except image1 it fails. If I remove image1 I can forward it even though image2 is still in the message so this isn’t a problem for all inline images. Also, if I save image1 to my computer, create a new message with my own Outlook it works fine, sending, replying, forwarding. So I assume it’s not the specific image either, it has to be something to do with the way the remote e-mail client embeds the image, perhaps in conjunction with the size since image2 (the smaller one) works.

Does anyone have any idea of what to do? Except rewriting (yeah, the mail that ends up in Sent Items is completely blank) and resending the reply with signing turned off.

BR,
Måns

Hi Mans,
sorry to hear that you have problems.

Are you using GpgOL with S/MIME or not? (If not, it shouldn’t interfere and many users use OpenPGP only with GpgOL. Which version of Gpg4win are you using anyway?).

A next step could be to enable GpgOL debugging information.

Best Regards,
Bernhard

Hi Bernhard,

Sorry, I was thinking I should’ve said the “Enable the S/MIME support” is NOT checked in GpgOL. I thought I’d get everything working with default settings before tinkering with checkboxes. :slight_smile: Also, no encryption/signing is enabled in Outlook itself nor in the Exchange server.

GpGOL - 2.4.4
Gpg4win - 3.1.11

Just noticed there’s a 3.1.13, I’ll upgrade and enable debug logging. Do you suggest full logs or will default be enough?

BR,
Måns

Hi Mans,
first checkpoint is to confirm that the problems are not there if you have no GpgOL installed.

If the problems are related to GpgOL you should use the latest version.
Try the default for the logs first, be careful: Do not post the logs here,
as they may contain sensitive information. Instead read them and try to find
relevant places. Usually one of our developers (e.g. Andre) gives you more specific
instructions how to find the right diagnostic data to mail to us.

Regards,
Bernhard

Hi Bernhard,
I upgraded, now at 3.1.13/2.4.7 and the problem is still there. If I deselect “Sign” before I send the message gets delivered as expected. I can of course uninstall everything but I think that strongly indicates the problem is, at least, related to GpgOL signing.

Yeah, I created a full log first. It was detailed to say the least… I’ve looked through a default log now. Seems to encrypt four attachments for this particular mail which it seems happy with; “cryptcontroller.cpp:do_crypto: Crypto done sucessfuly.”.

It continues on to get the Exchange version, “oomhelp.cpp:get_ex_major_version_for_addr: Detected exchange major version: 15.2.659.4”.

Then we start seeing “return false” and “failed” for stuff. We see a “return false” first, and false could very well be an ok return value here; “hasCryptedOrEmptyBody_o: Found mapi body. Return false.”. We then see “oomhelp.cpp:get_pa_string: Property `http://schemas.microsoft.com/.../GpgOL UID/0x0000001F’ is not a string (vt=0)
oomhelp.cpp:get_unique_id: No uuid found in oom for ‘???’
mapihelp.cpp:mapi_get_uid: Failed to get prop for ‘???’
ribbon-callbacks.cpp:get_mail_from_control: Failed to get uid for ???”. This repeats twice with different values for ???. Other than that I see nothing that stands out.

BR,
Måns

Mmmh, the only known issue to cause this is using exchange 2007, which you are not.

I’m mostly testing against Exchange 2019 from Office 365.

I’ll take a look if I can reproduce it somehow, sometimes MS changes something in an update that requires us to make changes, too.

The S/MIME part is expected even though S/MIME is off. Because to send out proper PGP/MIME mails we tell the exchange server that we are an S/MIME message so that it does not modify the message an breaks the signature.

Hi Andre,
If I can be of assistance I’d be happy to help. I have not been able to reproduce the issue by creating a new mail and inserting images, it’s only when I reply or forward a message originating from outside. Perhaps I should forward one of the offending messages to you? It contains no sensitive data so I’d be happy to do that if you think it’d help at all.

BR,
Måns