14 Aug 2021, 9:50 p.m.
Reply-to and From are both listed twice
This is called "oversigning" and means that a null variant of Reply-To: and From: is signed too, preventing additional Reply-To: and From: headers from being added.
This is particularly important for headers that are permitted to appear in an email multiple times, as an attacker could add headers to a signed mail without breaking the signature if the headers are not "oversigned".
With oversigning (header listed twice):
Signed: Reply-To: me@somebody.com
In email:
Reply-To: me@somebody.com
Reply-To: attacker@suspicious.com
Would fail signature.

Without oversigning (header listed once):
Signed: Reply-To: me@somebody.com
In email:
Reply-To: me@somebody.com
Reply-To: attacker@suspicious.com
Would pass signature.
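To make the difference concrete, here is an added example (not code from the original post or from any DKIM library) of the RFC 6376 section 5.4.2 header-selection rule that a DKIM verifier applies: for each name in the h= tag it takes the last not-yet-used instance of that header, scanning from the bottom of the header block, and a name listed more often than it occurs contributes an empty "null" header. The sample headers, the simplified canonicalization and the helper names are constructed for this illustration.

```python
import hashlib

# Constructed sample header block (name, value) in message order.
ORIGINAL = [("From", "me@somebody.com"),
            ("Reply-To", "me@somebody.com"),
            ("Subject", "hello")]
# Same message after an extra Reply-To is prepended above the signed one.
TAMPERED = [("Reply-To", "attacker@suspicious.com")] + ORIGINAL


def select_signed_headers(headers, h_tag):
    """RFC 6376 s5.4.2: for each name in h= (in order) pick the last unused
    instance, scanning upward from the bottom; if none is left, the slot is
    a null header (empty value). That null slot is what oversigning signs."""
    names = [n.strip().lower() for n in h_tag.split(":")]
    used, out = set(), []
    for name in names:
        chosen = None
        for idx in range(len(headers) - 1, -1, -1):
            if idx not in used and headers[idx][0].lower() == name:
                chosen = idx
                break
        if chosen is None:
            out.append((name, ""))          # oversigned (null) header
        else:
            used.add(chosen)
            out.append((name, headers[chosen][1].strip()))
    return out


def signed_digest(headers, h_tag):
    """Simplified 'relaxed' canonicalization: lowercase name, trimmed value.
    The real signature covers this hash; equal hash means the signature
    still verifies after the change."""
    data = "".join(f"{n}:{v}\r\n" for n, v in select_signed_headers(headers, h_tag))
    return hashlib.sha256(data.encode()).hexdigest()


def survives_tampering(h_tag):
    """True if adding the extra Reply-To leaves the signed input unchanged."""
    return signed_digest(ORIGINAL, h_tag) == signed_digest(TAMPERED, h_tag)


if __name__ == "__main__":
    print("h=from:reply-to          passes after tampering:", survives_tampering("from:reply-to"))
    print("h=from:reply-to:reply-to passes after tampering:", survives_tampering("from:reply-to:reply-to"))
```

With `h=from:reply-to` the verifier still selects the original (bottom) Reply-To and the hash is unchanged; with `h=from:reply-to:reply-to` the second slot that was signed as null now resolves to the added header, so the hash changes and verification fails.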