Indeed there are much simple ways to get the encrypted messages by adding
some header fields like Reply-To, Sender, To, CC, etc. Since these header
fields are not cryptographically protected by the signature and encryption,
the recipient mail client is not able to detect the modification. If she
answers the email, a copy will be delivered to the attacker.
Sure the aforementioned attack can be HINDERED by the inline message type
message/rfc822 introducted in S/MIME v3.1. I use here the word HINDER
instead of PREVENT due to the fact that the specification does not prevent
the recipient client from using the outer header fields which are not
protected. By the way, not all of email clients (indeed I know none) can be
configured to accept only intern message/rfc822 type.
smime mailing list