On 15-05-18 12:06, Andi via Users wrote:
Zitat von Martijn Brinkers via Users <users(a)lists.djigzo.com>om>:
What might be a secure fallback is to get a setting for ciphermail to
only decrypt valid signed e-mail and simply pass it along if there is no
signature or invalid signed. This could be a setting for the security
aware operator in the spirit of "better safe than sorry", no?
This will prevent ciphermail from using the decryption key in cases
where the user might get tricked to trust the sender otherwise.
That might work but I do not know how often email is encrypted and not
signed. Also in theory the attacker should be able to generate a signed
message (although I think this is not feasible in practice).
I have written a short article on how you can detect whether a decrypted
email was misused for EFAIL (see other email to mailing list).
CipherMail email encryption
Email encryption with support for S/MIME, OpenPGP, PDF encryption and
secure webmail pull.