On Fri, 17 May 2024, Taavi Eomäe via mailop wrote:
> As part of coordinated disclosure, I am sharing it here as well. In short,
> using the approach described below, attackers can replace the entire contents
> of a letter in such a way that the letters still pass DKIM’s cryptographic checks.
> This also means these forged letters can be easily replayed to reach their
> victims. This subverts many of the expectations operators have about DKIM
> signatures, DMARC and BIMI.
> Although some of these dangers have been known for a while (some parts are
> even described in the RFC itself), things like the threat landscape, our
> approach and the extent to which this can be abused have changed. In our
> opinion, previously suggested and (rarely) implemented mitigations do not
> reduce these risks sufficiently.
> We hope that with some cooperation from mail operators, improved defense
> measures can be implemented to strengthen DKIM for everyone.
> A longer description with images is available here:
> https://www.zone.eu/blog/2024/05/17/bimi-and-dmarc-cant-save-you/
Of course.
DKIM signs *pieces* of an email.
If the mail system uses a DKIM pass to show the *other pieces*
of the message as trusted, then bad things can happen.
--
Andrew C. Aitchison Kendal, UK
and...@aitchison.me.uk
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
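Andrew's point, that DKIM signs only the pieces a signature names, is easy to make concrete. The following added example (not code from this thread, from zone.eu, or from any DKIM library) does not verify a signature at all; it only parses the DKIM-Signature tag list (RFC 6376) and reports which headers of a message have no signed instance, which are over-signed, and whether the optional l= tag limits how much of the body the signature covers. The sample message, the placeholder bh=/b= values and the DISPLAY_HEADERS list are constructed for the example.

```python
"""Report which parts of a message a DKIM-Signature header actually covers.

Added example. It does not verify the signature (that needs DNS and the
signing key); it parses the DKIM-Signature tag list (RFC 6376) and compares
the h= header list and the optional l= body-length tag against the headers
present in the message, so an operator can see what a "DKIM pass" vouches for.
"""
from collections import Counter
from email import message_from_string
from email.message import Message

# Headers a mail client typically renders or acts on. If one of these has no
# signed instance, a DKIM pass says nothing about it. This list is an
# assumption for the example, not something a standard defines.
DISPLAY_HEADERS = {"from", "to", "subject", "date", "content-type", "reply-to"}

# Constructed sample: Content-Type and Reply-To are present but absent from
# h=, From is listed twice (over-signed), and l= limits the signed body length.
SAMPLE_MESSAGE = """\
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=example.com; s=sel;
 h=from:from:to:subject:date; l=42; bh=BODYHASH-PLACEHOLDER=;
 b=SIGNATURE-PLACEHOLDER=
From: sender@example.com
To: recipient@example.net
Subject: Invoice
Date: Fri, 17 May 2024 10:00:00 +0000
Content-Type: multipart/alternative; boundary="part-boundary"
Reply-To: accounting@example.org

--part-boundary
Content-Type: text/plain

Please find the invoice attached.
--part-boundary--
"""


def parse_dkim_tags(value: str) -> dict:
    """Split a DKIM-Signature value into tag -> value, dropping folding
    whitespace (RFC 6376 allows FWS around and inside most tag values)."""
    tags = {}
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        name, _, val = part.partition("=")
        tags[name.strip()] = "".join(val.split())
    return tags


def dkim_coverage(msg: Message) -> dict:
    """Describe what the message's DKIM-Signature header covers."""
    sig = msg.get("DKIM-Signature")
    if sig is None:
        return {"signed": False}
    tags = parse_dkim_tags(sig)

    # h= names the signed headers; each listed name covers one instance,
    # counted from the bottom of the header block. Listing a name more often
    # than it occurs over-signs it, so a later added instance breaks the
    # signature. Names occurring in the message but not in h= are unsigned.
    signed = Counter(h.lower() for h in tags.get("h", "").split(":") if h)
    present = Counter(k.lower() for k in msg.keys())
    present.pop("dkim-signature", None)

    unsigned_instances = {
        name: count - signed[name]
        for name, count in present.items()
        if signed[name] < count
    }
    oversigned = sorted(name for name, count in signed.items()
                        if count > present.get(name, 0))
    # Display headers with no signed instance: either present and unsigned,
    # or absent and not over-signed (so one could be added later).
    unprotected_display = sorted(h for h in DISPLAY_HEADERS if signed[h] == 0)

    body_limit = None
    if tags.get("l", "").isdigit():
        body_limit = int(tags["l"])  # only the first l= bytes of the body are hashed

    return {
        "signed": True,
        "unsigned_header_instances": unsigned_instances,
        "oversigned": oversigned,
        "unprotected_display_headers": unprotected_display,
        "body_length_limited": body_limit is not None,
        "body_limit": body_limit,
    }


if __name__ == "__main__":
    report = dkim_coverage(message_from_string(SAMPLE_MESSAGE))
    for key, value in report.items():
        print(f"{key}: {value}")
```

Run against the constructed sample, the report shows Content-Type and Reply-To as unsigned, From as over-signed, and a 42-byte body limit; a receiver that displays the message as "DKIM verified" is vouching for the From line and little else. The same check over real traffic makes a useful pre-filter for deciding which DKIM passes deserve any display-level trust.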