S/MIME Signature not shown

Infos:

  • Used Zammad version: 6.3.1
  • Used Zammad installation type: package
  • Operating system: Ubuntu
  • Browser + version: n/a

As described in the Secure Email — Zammad User Documentation, incoming emails that were S/MIME signed should have an additional “Security” field in the header that shows if the email is signed or not.

That’s not the case on our installation. We’re receiving plenty of signed emails but there is no security information provided directly in Zammad.

Mind you, we don’t want to send signed emails from Zammad (in our case, the signature is added at the gateway level) so we will not upload our certificate or private key but we still wish to see if an incoming message was signed properly.

It looks like, in order to view the security status of an email, S/MIME has to be activated as a feature. And it only works for emails that come in after that moment; no S/MIME signature confirmation is available for older emails. That’s not optimal IMO.

At any rate, there is still something wrong. I received a signed email. In Zammad, I’m getting a yellow error message stating that the certificate cannot be found.

When I open the raw email in Outlook, Outlook confirms that the certificate is valid.

In order to confirm validity of a signed email, only the certificate attached to the email itself is relevant. It’s clearly there. So why am I getting the warning?

Hi @vic.

Please read the documentation, it’s all there:

Thanks for answering, even if sending me on an errand. :wink:

I seem to have missed the following sentence in the docs:

Zammad does not include a list of built-in, trusted CAs.

IMHO, this information should be embedded on the S/MIME activation page because that’s frankly not something one would expect from an S/MIME capable email client.

Is this something we can hope for Zammad to include in the future? It just doesn’t seem efficient for every single Zammad customer who wishes to work with S/MIME to do the exact same tasks.

I have no idea. Maybe it’s worth opening a feature request.
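Added example, not part of the thread and not Zammad's own code: a shell sketch using the `openssl` command line to show how a verifier without the issuing CA in its trust store treats a signed message whose signer certificate is embedded. The CA name, the address `sender@example.com` and all file names are constructed for the demo.

```shell
#!/usr/bin/env bash
# Constructed demo: a throwaway CA and signer, created in a temp directory.
smime_trust_demo() {
  local d rc
  d=$(mktemp -d) || return 1
  (
    set -e
    cd "$d"
    # Minimal config so the demo does not depend on the system openssl.cnf.
    printf '%s\n' '[req]' 'distinguished_name=dn' 'x509_extensions=v3' 'prompt=no' \
      '[dn]' 'CN=Demo Root CA' '[v3]' 'basicConstraints=critical,CA:TRUE' > ca.cnf
    printf '%s\n' 'keyUsage=digitalSignature' 'extendedKeyUsage=emailProtection' \
      'subjectAltName=email:sender@example.com' > leaf.ext

    # 1. Root CA (stands in for the sender's issuing CA).
    openssl req -x509 -newkey rsa:2048 -nodes -days 2 -config ca.cnf \
      -keyout ca.key -out ca.crt 2>/dev/null
    # 2. Signer certificate issued by that CA.
    openssl req -new -newkey rsa:2048 -nodes -config ca.cnf \
      -subj '/CN=sender@example.com' -keyout signer.key -out signer.csr 2>/dev/null
    openssl x509 -req -in signer.csr -CA ca.crt -CAkey ca.key -CAcreateserial \
      -days 2 -extfile leaf.ext -out signer.crt 2>/dev/null
    # 3. Signed message; the signer certificate is embedded in the signature.
    printf 'Ticket update\n' > body.txt
    openssl smime -sign -in body.txt -signer signer.crt -inkey signer.key \
      -out signed.eml 2>/dev/null

    check() {  # $1 = label, remaining args = extra verify options
      local label=$1; shift
      if openssl smime -verify -in signed.eml "$@" -out /dev/null 2>/dev/null
      then echo "$label=OK"; else echo "$label=FAIL"; fi
    }
    # The throwaway CA is in no trust store, so chain validation fails.
    check embedded_cert_only
    # -noverify checks only the signature, not the signer's chain.
    check signature_math_only -noverify
    # Supplying the issuing CA as a trust anchor makes verification pass.
    check with_trusted_ca -CAfile ca.crt
  )
  rc=$?
  rm -rf "$d"
  return $rc
}

smime_trust_demo
```

The embedded certificate lets the verifier check the signature itself, but the signer's chain only validates once the issuing CA is supplied as a trust anchor.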