Hello ,
How can i disable the warning when attachment cannot be decrypted.
Thanks.
B.R.
Du
Hi @cxdu,
sorry for the late reply, I overlooked your question initially and only read it now.
How can i disable the warning when attachment cannot be decrypted.
I am not aware of a possibility to disable the warning, if you have tried to decrypt or verify an email. This seems to be okay as this warning is important if people would wrongly believe that the attachments were also within the crypto status of the email. So to says, anybody that is able to control the email transfer connection could just add more attachments. So a properly encrypted and signed email could have an attachment that is malicious, e.g. a malware file. In this case we must warn the user that the signature status is not valid for the whole email.
Can you tell us more why you would want to disable the warning and in what situation?
Best,
Bernhard
I just stubled upon this post and have exactly the same issue.
I am subscribed to a security mailing list from NCSC-NL. They send PGP signed messages with advisories. Included is an XML file that is not signed.
Every time I select such a message, Outlook stalls and displays this (modal) warning dialog. If I have to read several of these advisories it really delays both Outlook and myself. I am not sure if there are better ways possible, such as adding a warning bar to the message preview window - but otherwise, being able to turn it off would speed up Outlook a lot.
Hi Sander, thank you for sharing your use case scenario!
Although your wish is understandable, it is not possible to warn in another way than the current warning dialog window. And a warning is necessary, as explained by Bernhard.
That begs the question why NCSC-NL does not sign their complete e-mail. Did you ask them why they do this, or if it is intended at all?
I asked them @swagner . Their answer is that they usually never sign attachments, only the message itself. They consider that as sufficient to prove that the message originates from NCSC-NL.
In the meantime they created a list without XML attachments which has solved the issue for me and makes Outlook so much faster (before it took up to 10 seconds per message to scan it and then show the warning dialog).
Yeah, the message text, but not the attachment. Tampering the attachment is still possible and I doubt that the recipients will check if the attachment’s content matches the message body’s meaning, let alone programs processing the information. Even a replay attack is hard to detect.
Glad this works for you! 