What is "naive" or "incorrect" about the following decoding?
potus(_at_)whitehouse(_dot_)gov<null>potus(_at_)whitehouse(_dot_)gov@mailsploit.com
"=?utf-8?b?cG90dXNAd2hpdGVob3VzZS5nb3Y=?=" quite literally does decode to
"potus(_at_)whitehouse(_dot_)gov"
encoded-words are simply not permitted inside email addresses. MUA
shouldn't attempt to decode this at all.
Or are you indicating that the naivety is the fact that MUAs may
incorrectly handle the null containing string? Possibly believing that the
MUA will use null termination and incorrectly believe that the From:
address is just "potus(_at_)whitehouse(_dot_)gov"?
Attempting to decode is the first problem, incorrectly handling null
terminators and new lines is the second issue.
MUAs simply don't expect new lines and null terminators there.
Although it's not a direct attack on DKIM, if DKIM is implemented properly
and email address decoding and displaying isn't, users might be fooled.
That is an MUA issue. Perhaps DKIM helps re-enforce an incorrect
assumption based on a bad MUA trait. But I don't see that as a DKIM issue.
DKIM works as expected, but as you said it may re-enforce an incorrect
assumption that email is from respected source.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html