Apple Mail warning: Unable to verify message signature
After upgrading from Sierra to Mojave (macOS 10.14), Apple Mail started to display the warning "Unable to verify message signature" above all signed and encrypted emails. When clicking on Details, it says:
The digital signature is incorrect. The message may have been tampered with or corrupted since signed by (sender's name).
We are using S/MIME certificates signed by a self-signed root CA, but I doubt that this is the problem. When checking the certificates in the Keychain app, they are reported to be valid and good. However, if I get the above message in Apple Mail and click on Show Certificate, the root certificate is reported to be valid and trusted, but the S/MIME certificate is nonetheless invalid for no obvious reason.
Note that some report similar problems for emails with attachments only.
This seems to be due to a bug in Apple Mail, at least in macOS 10.14.1, but possibly introduced in macOS 10.13.5 as an attempt to mitigate the EFAIL security hole.
When Mail is set to not automatically load remote content (Preferences > Viewing > "Load remote content in messages" is not checked), the warning message "Unable to verify message signature" is displayed for every S/MIME signed message.
You can get rid of the warning by either:
- Setting Mail to automatically load remote content (set Preferences > Viewing > "Load remote content in messages" to checked) (not recommended)
- Clicking on the "Load Remote Content" button displayed on the right of the warning message
However, for security reasons, it is not recommended to load remote content unless it is from a trusted source.
I consider this a major bug for the following reasons:
- It makes no sense that the verification of signatures is dependent on loading remote content, because the signature file is an inline attachment
- There was no such dependency before
- The warning is strongly misleading
I even consider this a severe security problem because:
- Loading remote content is considered a security problem that can even lead to the leakage of encrypted content as described by EFAIL
- The user won't be able to have the message signature verified without loading potentially dangerous remote content
The fix was originally intended to stop the Mail app from loading HTML content without the user's consent. However, the way it is implemented now, this leads to also not loading the signature attachment.
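The claim that the signature travels inside the message can be checked outside Mail. The following is an added example, not part of the original answer: it uses the `openssl` command line to sign an HTML mail that references a remote image and then verifies it from the message bytes and the root CA alone, without fetching anything. The CA, the sender, the address and the image URL are all constructed for the demonstration.

```shell
#!/usr/bin/env bash
# Added example. All names, addresses and the image URL are constructed.

# Create a throwaway self-signed root CA, an S/MIME certificate issued by
# it, and a signed HTML mail whose body references remote content.
build_signed_mail() {
  local dir=$1
  openssl req -x509 -newkey rsa:2048 -nodes -days 2 -subj "/CN=Demo Root CA" \
    -keyout "$dir/ca.key" -out "$dir/ca.pem" 2>/dev/null || return 1
  openssl req -newkey rsa:2048 -nodes \
    -subj "/CN=Alice/emailAddress=alice@example.test" \
    -keyout "$dir/user.key" -out "$dir/user.csr" 2>/dev/null || return 1
  openssl x509 -req -in "$dir/user.csr" -CA "$dir/ca.pem" -CAkey "$dir/ca.key" \
    -CAcreateserial -days 1 -out "$dir/user.pem" 2>/dev/null || return 1
  printf '%s\n' 'Content-Type: text/html; charset=utf-8' '' \
    '<p>Hello</p><img src="https://tracker.example.test/pixel.png">' \
    > "$dir/body.txt"
  # Default mode is a detached signature: the output is multipart/signed,
  # with the signature carried inline as the base64 part "smime.p7s".
  openssl smime -sign -in "$dir/body.txt" -signer "$dir/user.pem" \
    -inkey "$dir/user.key" -out "$dir/signed.eml" 2>/dev/null
}

# Verify using only the message bytes and the trusted root. Exit status 0
# means the certificate chain and the signature over the body both check out.
verify_offline() {
  openssl smime -verify -in "$1" -CAfile "$2" -out /dev/null 2>/dev/null
}

work=$(mktemp -d)
build_signed_mail "$work"
if verify_offline "$work/signed.eml" "$work/ca.pem"; then
  echo "signature verified; the remote image was never requested"
fi

# Changing one word of the signed body must make verification fail.
sed 's/Hello/Hullo/' "$work/signed.eml" > "$work/tampered.eml"
if ! verify_offline "$work/tampered.eml" "$work/ca.pem"; then
  echo "tampered copy rejected"
fi
```

The same `verify_offline` call works on the raw source of a real signed message, given the root CA exported in PEM form.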