ietf-dkim

Re: [ietf-dkim] Full name problem

2011-03-02 02:22:55
On Tue, 1 Mar 2011, MH Michael Hammer wrote:
> The display name is problematic as Mr. Crocker has pointed out. One
> solution to this which I have suggested in the past is to not display
> the display name in the MUA if the email fails to authenticate.

That won't help.  The attack mail will authenticate successfully -- the
attack hurts because the identity the *computer* thinks it was expected to
verify is not the identity the *human* thinks has been verified.

Both the double-From: and the Full Name attack rely on that principle,
but the double-From: is less of a threat.  Since double-From: is based on
a protocol violation with no history of accidental use, it can be blocked
with no false positives.  (Also, there's half a chance the MUA will
display the From: the attacker intended only for the validator, to the
human.)


To fix this in the MUA, I'd have it strip the Full Name from *all*
messages, then re-insert the Full Name as listed in the user's address
book if there is any match against the real address.

---- Michael Deutschmann <michael(_at_)talamasca(_dot_)ocis(_dot_)net>
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html
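The MUA-side handling described in the reply above, as an added example (not code from the original post or from any DKIM implementation): the display name in every From: is discarded and a name is re-attached only from a local address book keyed on the real address, and a message carrying more than one From: is rejected outright, since that is the protocol violation the post says can be blocked without false positives. The `ADDRESS_BOOK` contents, the function names and the sample messages are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr, formataddr

# Constructed address book: real addr-spec (lowercase) -> name the user trusts.
ADDRESS_BOOK = {
    "alice@example.com": "Alice Example",
    "support@bank.example": "Example Bank Support",
}


def sanitize_from(from_value, address_book=ADDRESS_BOOK):
    """Return the From: text the MUA should show for one From: header value.

    The display name carried in the message is dropped unconditionally: it is
    the part the human reads, but not the identity the verifier checked.  A
    name is re-attached only if the real address is in the local address book.
    """
    _untrusted_name, addr = parseaddr(from_value)
    addr = addr.strip().lower()  # assumption: address book keys are lowercase
    if "@" not in addr:
        return ""  # unparseable addr-spec: show nothing rather than attacker text
    trusted_name = address_book.get(addr)
    return formataddr((trusted_name, addr)) if trusted_name else addr


def display_from(raw_message, address_book=ADDRESS_BOOK):
    """Decide what From: to display for a raw RFC 5322 message.

    More than one From: is a protocol violation with no legitimate history
    (the 'double-From:' case), so the message is rejected (None) instead of
    guessing which From: the human will see.
    """
    msg = message_from_string(raw_message)
    froms = msg.get_all("From") or []
    if len(froms) != 1:
        return None
    return sanitize_from(froms[0], address_book)


if __name__ == "__main__":
    # Constructed 'Full Name attack': the display name looks like a trusted
    # address while the real, verifiable address belongs to someone else.
    spoof = 'From: "alice@example.com" <attacker@evil.example>\nSubject: hi\n\nbody\n'
    print(display_from(spoof))        # attacker@evil.example
    legit = "From: Mallory <alice@example.com>\nSubject: hi\n\nbody\n"
    print(display_from(legit))        # Alice Example <alice@example.com>
```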
