URL: https://it.desy.de/services/uco/documentation/digital_signatures/verify_e_mail_signatures/index_eng.html
Breadcrumb Navigation
Verify E-Mail Signatures
In some cases, an Email signature is attached to an email to indicate the authenticity of the email and its content. If this signature is valid, you can assume that the email has truly been sent by the sender from whom the message seems to have been sent. The following are examples of how you can detect whether the signature of an email is valid resp. Invalid.
Zimbra Web Interface (https://mail.desy.de)
Valid signatures
The following is an example of how an email with a valid signature appears on the Zimbra web interface (https://mail.desy.de). Here you can check if the signature was recognized as valid and who signed the email. If required click on the link next to the email-Signature “View Certificate” (see Figure 1), to display the details of the certificate used for the signature (see Figure 2).
Figure 1
For an unambiguous verification of the validity of a certificate, you can check the so called “Common Name" or the field "E-Mail" (see Figure 2). This should clearly indicate the sender. If you know the serial number of the certificate, you can also use it to check the validity of the sender.
Figure 2
Invalid Signatures
The following is an example of an invalid email signature. You recognize it by a red circle with a white X in it. Again you can click on “View Certificate” (Figure 3). To take a closer look at the details of the used security certificate (Figure4).
Figure 3
Figure 4
Thunderbird
Valid Signatures
In Thunderbird a valid email signature is displayed by an envelope with a red seal (Figure 1). To view more details about the signature, click on the envelope.
Figure 1
In the details you can see more information about the security certificate: name and email address of the person who signed the certificate, as well as the authority by which the certificate has been issued (“Certificate Issued by"). If you are interested you can also see the entire security certificate by clicking on “View Signature Certificate".
Figure 2
Invalid Signatures
Invalid email signatures in Thunderbird are displayed with a red circle with a white X in it (see Figure 3). To see more details of the security certificate click on the envelope.
Figure 3
The details of the security certificate (Figure 4) provide information about the person which has been signed the message (name and e-mail address) and the issuer of the certificate (“Certificate Issued by"). Here you will again be clearly pointed out that the signature is invalid. If you wish to view the entire certificate, click on the button “View Signature Certificate”.
Figure 4
Outlook
Valid Signature
In Outlook a valid email signature appears with a small red seal on the right. The “Signed by" field also indicates who signed the message (Figure 1).
Figure 1
If you want to take a look at the details of the signature, click on the red seal. Afterwards a window opens in which the signature is summarized in which again it should be pointed out that the email signature has been created with a valid certificate.
Figure 2
Invalid Signature
You can recognize an invalid signature in Outlook by a corresponding message and a yellow warning icon with a red exclamation mark. In addition a red solid bar is visible between the head of the email and the text message (Figure 3). If you want to take a closer look at the details of the signature, click on the warning symbol to open the details window (Figure 4).
Figure 3
The details window shows who signed the message. You will also be reminded that this certificate is invalid or not trustable.
Figure 4
UCO Hamburg
| Phone: | +49 (0)40 8998 5005 |
| E-Mail: | UCO Hamburg |
| Location: | 2b / 131d |
| Link: |
https://it.desy.de/services/uco
|
