macOS 11.6.7 Big Sur Fixes Email Attachment Bug

Originally published at: macOS 11.6.7 Big Sur Fixes Email Attachment Bug - TidBITS

If you’re still running macOS 11 Big Sur, it’s worth updating to the quietly released version 11.6.7, which fixes a problem that prevented email apps from opening attachments. It may also help clear Time Machine blockages, but it could also introduce problems by removing Rosetta from M1 Macs.

1 Like

11.6.7 may have introduced another bug in handling of email attachments. I installed it on June 11. On June 14, I signed and returned a contract using an electronic signature using Adobe Acrobat. I have done this before without problem, but this time the process of securing the signature added an attachment that I did not notice at the time. A few days later, email I sent to a mailing list bounced, and the operator asked me to check it. It turned out that the contract signature process had added an option to Apple Mail that automatically added a secure signature to every email I sent from the email account I sent from the same account I used to send the signed contract. That file was ‘Content-Type: multipart/signed;’ which the mailing list automatically bounces. When I looked further, I found a self-signed root certificate in my keychain which had not been verified by a third party which was created June 14, which apparently was producing the signature attachments. With a little further investigation, I found a small icon on the right end of the Subject line in new email messages that let me turn off sending the signatures.

I’m not certain if the bug is new in 11.6.7 because I installed Big Sur after the last time I had to sign an electronic signature, but it was a pain in the rear, and caused some initial panic because my first thought when I found the unexpected attachments was malware. The only way I can make it show up in sent Apple Mail messages is to click on SHOW DETAILS at the upper right of the message, which produces a box saying “Unable to verify message signature: Mail was unable to verify the authenticity of the S/MIME certificate provided by (me). Messages signed by this user may be coming from a different source.” Although that suggests Apple Mail did not send it, I found the signature attachment in my ISP’s sent email file (although I sent the message through Apple Mail). I wasted a lot of time having to figure this out, so I’m passing it along in case others have the same problem.