Another case is you e-mail account is compromised, and DKIM/DMARC are helpless again.
Actually, you probably do not need to spoof the e-mail address and can attack with random From:, because message is decoded regardless of address in the From: and this attack does not require sender's signature to be checked. I haven't checked though. P.S. In addition, in most MUAs vulnerable, you can bypass DKIM/DMARC (and actually any headers check on MTA side) with message/partial. This kind of bypass is explained here http://securityvulns.comLdocument310.html but it's another story. 18.05.2018 17:16, Steve Atkins пишет: >> On May 18, 2018, at 7:09 AM, Vladimir Dubrovin <[email protected]> wrote: >> >> >> EFAIL exploitation requires MitM conditions. Neither DKIM nor DMARC protect >> against attacker able to perform MitM. >> > It just requires the attacker to have a copy of the encrypted mail. Passive > mitm is one approach to that, but only one of many. > > Cheers, > Steve > >> 15.05.2018 17:15, Kurt Andersen пишет: >>> Manipulating MIME structures in email messages to expose the encrypted >>> content: https://efail.de/ >>> >>> --Kurt >>> >>> >>> _______________________________________________ >>> dmarc mailing list >>> >>> [email protected] >>> https://www.ietf.org/mailman/listinfo/dmarc >> -- >> Vladimir Dubrovin >> @Mail.Ru >> >> _______________________________________________ >> dmarc mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/dmarc > _______________________________________________ > dmarc mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/dmarc -- Vladimir Dubrovin @Mail.Ru _______________________________________________ dmarc mailing list [email protected] https://www.ietf.org/mailman/listinfo/dmarc
