As Efail vulnerabilities are not inherent to OpenPGP, they are related to buggy email clients. Therefore, we recommend that you take the following mitigation actions, in case you are using your Mailfence account with any of these buggy email clients .
By using a separate (command-line based) application outside your email client to decrypt incoming emails while avoiding opening exfiltration channels. This requires you to save incoming messages to a file, and then open them using the command line .
Disable HTML Rendering and Remote Content Loading
Preventing your email client from rendering HTML and loading remote content will protect you from the most prevalent form of exfiltration channel generation. Please consult your email client's list of cambodia whatsapp phone numbers specific documentation for this.
P. ej. Thunderbird:
Disable HTML:
In the upper right corner, click the Menu button .
Click View .
In the Message Body As section , choose Plain Text .
Disable external content:
In the upper right corner, click the Menu button .
Click Options .
Under Privacy , select Plain Text .
In the Mail Content section , uncheck the Allow remote content in messages box .
Again, since the efail vulnerabilities are not in the OpenPGP protocol itself, apply updates to your OpenPGP-based email client as soon as they become available .
Other points about Efail vulnerabilities
OpenPGP remains one of the best ways to encrypt emails, and is reliable as long as it is implemented correctly and used securely. The Efail vulnerabilities pointed out by security researchers relate to how end-to-end encryption protocols interact with modern email programs that implement such protocols. This means that if any of your recipients are using the buggy email client, then it poses a potential risk of exfiltration of the plaintext of encrypted emails. This is yet another reason why you should encourage others to use a secure and private webmail service like Mailfence .
