BIMI and DMARC Can't Save You: The Overlooked DKIM Exploit

  • Overview: A vulnerability in the DomainKeys Identified Mail (DKIM) standard affects the global e-mail ecosystem, putting billions of users at risk. Forged emails can pass DKIM and DMARC checks and even display brand logos in some email services like Apple Mail and Gmail.
  • Vulnerability Details: Attackers can create forged emails by modifying DKIM-signed messages. Many senders don't sign the Content-Type header, allowing attackers to replace it. Some implementations don't handle multiple Content-Type headers well. The DKIM "l=" tag, which limits how many bytes of the body the signature covers, is also exploited.
  • Technical Synopsis: The risks of the "l=" tag have been known since DKIM's publication. Attacks involve modifying the Content-Type header and adding new MIME structures. Mitigation includes protecting the Content-Type header in the signature and rotating DKIM keys.
  • Practical Examples: Many prominent domains, such as tesla.com, have sent malleable messages. Modified DHL messages have been observed in Gmail.
  • Mitigation Steps: Follow the "Security Considerations" section of the DKIM standard to avoid the attack. Assessors should reject old DKIM signatures. Email senders should rotate their DKIM keys.
  • Timeline: Informed various parties from 2024-01-26 to 2024-03-21. Google confirmed and planned to fix the problem. Google seems to have implemented mitigations by 2024-04-05 and proposed public disclosure on 2024-05-17.
  • Disclosure: Observed by Zone.eu analysts and coordinated by Taavi Eomäe with CERT-EE. Grateful for collaboration in mitigating the issue.