Hacker News

When efail came out, I wrote a blogpost about the security risks of HTML mail.

It is really amazing how problematic all of this is, despite its widespread use. The HTML mail spec is really old, and contains almost no security considerations.

HTML in emails can only be a subset of HTML to be secure. But nobody has ever defined what exactly that subset is, so everyone does whatever they think. And unsurprisingly, this leads to an endless stream of security flaws.

See: https://blog.hboeck.de/archives/894-Efail-HTML-Mails-have-no...


