>
> >> What is "naive" or "incorrect" about the following decoding?
> >
> > [email protected]<null>[email protected]@mailsploit.com
> >
> > "=?utf-8?b?cG90dXNAd2hpdGVob3VzZS5nb3Y=?=" quite literally does decode to
> > "[email protected]"
>

encoded-words are simply not permitted inside email addresses. MUAs shouldn't attempt to decode this at all.

>
> Or are you indicating that the naivety is the fact that MUAs may
> incorrectly handle the null-containing string? Possibly believing that the
> MUA will use null termination and incorrectly believe that the From:
> address is just "[email protected]"?
>

Attempting to decode is the first problem; incorrectly handling null terminators and newlines is the second issue. MUAs simply don't expect newlines and null terminators there.

> Although it's not a direct attack on DKIM, if DKIM is implemented properly
>> and email address decoding and displaying isn't, users might be fooled.
>>
>
> That is an MUA issue. Perhaps DKIM helps reinforce an incorrect
> assumption based on a bad MUA trait. But I don't see that as a DKIM issue.

DKIM works as expected, but as you said it may reinforce an incorrect assumption that the email is from a respected source.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html
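The two MUA failure modes named in the reply above (decoding an RFC 2047 encoded-word that sits inside an addr-spec, and treating a NUL as end-of-string) can be made concrete with a small Python parser. This is an added example, not code from the thread or from any DKIM or MUA implementation; the header values, the planted address and the domains example.com and attacker.example are constructed for illustration, and `parse_from_header` is the hardened check a defender would place in front of whatever renders the sender.

```python
import base64
import re
from email.header import decode_header
from email.utils import parseaddr

# RFC 2047 encoded-word: =?charset?B|Q?text?=  (fine in a display name, never in an addr-spec).
ENCODED_WORD = re.compile(r"=\?[^?]+\?[bBqQ]\?[^?]*\?=")
# NUL, CR, LF and other control characters have no place anywhere in a From: value.
CONTROL_CHARS = re.compile(r"[\x00-\x1f\x7f]")

# Constructed sample (hypothetical domains): a base64 encoded-word whose decoded text is a
# trusted-looking address followed by a NUL, planted as the local part of the real address.
_PLANTED = base64.b64encode(b"ceo@example.com\x00").decode("ascii")
SAMPLE_SPOOFED_FROM = f"=?utf-8?b?{_PLANTED}?=@attacker.example"
# Constructed legitimate header: the encoded-word is in the display name, where it belongs.
SAMPLE_LEGIT_FROM = "=?utf-8?b?Q2hyaXM=?= <chris@example.com>"


def _decode_words(value):
    """Decode any RFC 2047 encoded-words in a header fragment and return a str."""
    return "".join(
        chunk.decode(charset or "ascii", "replace") if isinstance(chunk, bytes) else chunk
        for chunk, charset in decode_header(value)
    )


def naive_sender(header):
    """Model of the behaviour the thread calls incorrect: decode encoded-words wherever
    they appear in the raw header, then stop at the first NUL the way C string code would.
    Included only so the hardened parser's checks can be compared against it."""
    return _decode_words(header).split("\x00", 1)[0]


def parse_from_header(header):
    """Return (display_name, addr_spec) for a From: header value, or raise ValueError.

    The addr-spec comes verbatim from the structured (RFC 5322) parse; an encoded-word or
    a control character inside it is rejected, not decoded.  Only the display name is
    RFC 2047-decoded, and the decoded name must also be free of control characters.
    """
    display_name, addr_spec = parseaddr(header)
    if not addr_spec or "@" not in addr_spec:
        raise ValueError("no usable addr-spec")
    if ENCODED_WORD.search(addr_spec):
        raise ValueError("encoded-word inside addr-spec is not permitted")
    if CONTROL_CHARS.search(addr_spec):
        raise ValueError("control character inside addr-spec")
    name = _decode_words(display_name)
    if CONTROL_CHARS.search(name):
        raise ValueError("control character inside display name")
    return name, addr_spec


def is_acceptable_from(header):
    """Accept/reject wrapper for a filter that does not need the parsed parts."""
    try:
        parse_from_header(header)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    print("naive view of spoofed header   :", naive_sender(SAMPLE_SPOOFED_FROM))
    print("hardened accepts spoofed header:", is_acceptable_from(SAMPLE_SPOOFED_FROM))
    print("hardened view of legit header  :", parse_from_header(SAMPLE_LEGIT_FROM))
```

The order of the checks matters: the address is validated before anything is decoded, so a planted encoded-word never reaches the decoder, and the display name is decoded only because RFC 2047 permits encoded-words there. DKIM has nothing to say about any of this; the signature over the spoofed header verifies just as the thread says, which is why the check belongs in the component that displays the sender.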
