Just an FYI if anyone ever has this problem…
We had some trouble sending Certs (public key) from one email client to another (in this case Thunderbird). The receiving email client would not recognize that the incoming email had a digital signature attached, and therefor couldn’t/wouldn’t add the public key to the Certificate list.
The message source indicated that the digital sig’ was indeed in there, but it didnt look quite right.
The email server in question uses DSPAM for spam control, which inserts a Token into the email body showing its Dspam Verification# in the email. Turns out the insertion of the Dspam Token was corrupting the Digital Signature info, which is why the receiving email client couldn’t interpret it properly.
We reconfigured Dspam on our server (this is a server-side config only) to insert the Dspam Token into the HEADER only rather than the email BODY. This solved the problem for us, and all clients on our server receive Digital Sig’s properly now.
Hope that helps somebody 