Versions Compared

Old Version 7

changes.mady.by.user Metin Savignano

Saved on

compared with

New Version 8

changes.mady.by.user Metin Savignano

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

With S/Notify 3.6.1, we have fixed an issue that caused incoming email checked by the standard email handler to be marked ‘seen’, causing the JSM mail handler to skip them in subsequent retrievals.

Issues Resolved with S/Notify 3.6.0

Inline PGP Not Supported (Jira only)

Preconditions

  • inbound email processing is active with PGP support

  • and users may decide to send PGP/inline encrypted emails

Description

S/Notify supports the only standard there is for sending OpenPGP Mails, which is PGP/MIME. PGP/inline is an undocumented non-standard format, which leads to several problems, which is why it should not be used any more. In the past this was a controversial question, but recently there’s come to be a consensus: use PGP/MIME whenever possible.

This should not be a problem for outgoing emails, but note that incoming PGP encrypted emails are not recognized when they are in PGP/inline format. 

Resolution

Support for PGP/Inline in incoming emails can now be enabled. For security reasons, it is disabled by default.

Please refer to https://savignano.atlassian.net/wiki/spaces/SNOTIFY/pages/2624880659/Advanced+Settings#Support-Incoming-PGP/Inline for details.

Issues Resolved with S/Notify 3.4.2

SMTP connection in Jira Email This Issue

...

  • You use the Jira Email This Issue app

  • Jira Email This Issue app is configured to send emails over its own built-in SMTP Connection handler

Description

A ClassNotFound or UnsupportedDataType exception occurs when S/Notify tries to encrypt the email. This is due to an issue with the class loader not finding existing classes.

Resolution

With S/Notify 3.4.2, we have provided a solution for this issue

...

Class Loader Issue with Java Mail Library

Preconditions

  • You use Jira 8.10 and newer with Jira Service Management installed as an app, or you use Jira Service Management 4.10 and newer 

  • You use project-specific email channels as configured under Jira Administration > Projects > Email requests

Info

Note that the standard email handler as configured under Jira Administration > System > Outgoing Mail is not affected by this issue!

Description

In Jira 8.10, Atlassian updated Java mail library to jakarta.mail-1.6.5.jar to fix an issue with javax.mail-1.6.2.jar, but unfortunately, while doing so, they obviously introduced a class loader issue. Due to this issue, an error occurs when using project-specific email channels (Project Settings > Email Requests > Setup you email channel) if S/Notify is installed. 

...

The issue affects S/Notify with Jira Service Management 4.10 and newer or Jira 8.10 and newer with Jira Service Management (any version) installed as an app.

Resolution 

We have reported this problem to Atlassian. 

...

POP Mail Server issue with Jira Service Desk

Preconditions

  • You use Jira Service Desk

  • You have configured a POP mail server account for incoming mail

  • You use S/Notify 3.2.1

Description

With POP accounts, when searching for incoming mails, a StackOverflowException can occur. As a consequence, the incoming emails of that account cannot be read.

This issue was introduced with S/Notify 3.2. Sorry for that!

Resolution 

A fix has been released with S/Notify 3.2.2 for Jira.

...

Upgrade issue in S/Notify 3.2.0

Preconditions

  • S/Notify was upgraded to 3.2.0 from an earlier version

  • and per-project encryption in Jira or per-space encryption in Confluence was active

...

When upgrading to S/Notify 3.2.0 from an earlier version, the per-project / per-space encryption settings were lost.

Resolution

A fix has been released with S/Notify 3.2.1 for Jira and Confluence.

...

Encryption of ambiguous emails 

Preconditions

  • you have configured Jira for per-project encryption or Confluence for per-space encryption

  • and you have set encryption for ambiguous emails to off

Description

If a notification is sent for a project or space with activated encryption, and if the notification contains a link to another project or space with deactivated encryption, the email will not be encrypted. This is because, in this case, the email is considered to refer to more than one project or space, and then the configuration setting for ambiguous emails is used.

Resolution

From S/Notify 3.1, the encryption handling for emails with multiple project or space references is configured separately from emails with no project or space reference at all, the latter now being under Encryption Settings >Per Project/Per Space Encryption > Encrypt other.

...

Prior to release 3.1, you should activate encryption for all ambiguous emails.

Password reset emails

Preconditions

  • you have configured that unencrypted emails are not allowed

  • and for some users, there may be no PGP key or S/MIME certificate available

Description

If S/Notify is configured to not allow unencrypted notifications, then no unencrypted emails are sent at all. While this is undoubtedly the designed and expected behavior, it may have the possibly unwanted side effect that users can request password reset emails, but they will never receive them because they cannot be encrypted.

Resolution

From S/Notify 3.1, emails not referring to any Jira project or Confluence space can be handled separately using the configuration setting under Encryption Settings >Per Project/Per Space Encryption > Encrypt other. 

Opaque signatures (Jira only)

Preconditions

  • inbound email processing is active

  • and users send emails with a so-called opaque signature (application/pkcs7-mime with SignedData)

  • and you have configured S/Notify not to remove signatures of inbound signed emails

Description

Opaque signatures are signatures that are not a separate part of the clear text email, but the email contents has become part of the signature. This type of signature has a disadvantage of not allowing clients that are not S/MIME capable to see the message contents while at the same time, it does not provide any additional safety because the data are just encoded, not encrypted. Therefore, it has become uncommon to use opaque signatures. However, in some situations it may be in use because it prevents mail servers (like Exchange servers sometimes) from reformatting the mail contents. When S/Notify removes an opaque signature from an inbound email, its encoded email contents gets decoded and passed on to Jira inbound processing, but when it is configured not to remove signatures from inbound emails, the signature is left untouched and therefore the encoded email contents will not get extracted.

Resolution

From S/Notify 3.1, opaque signatures will be decoded and the message contents passed on to inbound processing, while the original signature will either be dropped or re-attached to the decoded message according to what is configured under Encryption Settings > Outgoing Signatures > Remove signature.

Overlapping server S/MIME certificates (Jira only)

Preconditions

  • there is more than one valid S/MIME certificate in the server key store for the server's email address

Description

If more than one S/MIME certificate is available in the server key store, then S/Notify could fail to select the correct one, i.e. the one that the incoming email has been encrypted with.

Resolution

From S/Notify 3.1, if multiple S/MIME certificates are stored in the server key store, the appropriate S/MIME certificate will be searched and selected for decryption.

...