The EFAIL vulnerability in the OpenPGP and S/MIME secure email systems, publicly disclosed yesterday, allows an eavesdropper to obtain the contents of encrypted messages. There’s been a lot of finger-pointing as to which particular bit of software is to blame, but that’s mostly irrelevant to the people who need secure email. The end result is that users of encrypted email, who wanted formatting better than what a mechanical typewriter could offer, were likely at risk.
One of the methods to exploit EFAIL relied on the section of the email standard that allows messages to be in multiple parts (e.g. the body of the message and one or more attachments) – known as MIME (Multipurpose Internet Mail Extensions). The authors of the EFAIL paper used the interaction between MIME and the encryption standard (OpenPGP or S/MIME as appropriate) to cause the email client to leak the decrypted contents of a message.
However, not only can MIME be used to compromise the secrecy of messages, but it can also be used to tamper with digitally-signed messages in a way that would be difficult if not impossible for the average person to detect. I doubt I was the first person to discover this, and I reported it as a bug 5 years ago, but it still seems possible to exploit and I haven’t found a proper description, so this blog post summarises the issue.
The problem arises because it is possible to have a multi-part email where some parts are signed and some are not. Email clients could have adopted the fail-safe option of considering such a mixed message to be malformed and therefore treated as unsigned or as having an invalid signature.
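The fail-safe policy can be written as a structural check that runs before any "signed" indicator is shown. This is an added example, not code from the original post or from any mail client: the function names and sample messages are constructed, the signature is a placeholder, and the check only inspects MIME structure (RFC 1847 `multipart/signed`) without verifying the signature itself.

```python
from email import message_from_string

def classify(raw):
    """Return (verdict, content types of leaf parts outside any signature)."""
    signed_found, unsigned_leaves = False, []

    def walk(part, covered):
        nonlocal signed_found
        if part.get_content_type() == "multipart/signed" and part.is_multipart():
            children = part.get_payload()
            if len(children) == 2:  # RFC 1847: [signed content, signature]
                signed_found = True
                walk(children[0], True)  # only the first child is covered
                return
            # Malformed: falls through and is handled as an unsigned multipart.
        if part.is_multipart():
            for child in part.get_payload():
                walk(child, covered)
        elif not covered:
            unsigned_leaves.append(part.get_content_type())

    walk(message_from_string(raw), False)
    if not signed_found:
        return "unsigned", unsigned_leaves
    return ("mixed" if unsigned_leaves else "signed"), unsigned_leaves

def treat_as_signed(raw):
    """Fail-safe: a mixed message gets the same treatment as an unsigned one."""
    return classify(raw)[0] == "signed"

# Constructed samples; PLACEHOLDER stands in for a real detached signature.
SIGNED = (
    'Content-Type: multipart/signed; boundary="s";'
    ' protocol="application/pgp-signature"\n\n'
    "--s\nContent-Type: text/plain\n\nsigned body\n"
    "--s\nContent-Type: application/pgp-signature\n\nPLACEHOLDER\n--s--\n"
)
MIXED = (
    'Content-Type: multipart/mixed; boundary="m"\n\n'
    "--m\nContent-Type: text/plain\n\nunsigned text\n"
    "--m\n" + SIGNED + "--m--\n"
)

if __name__ == "__main__":
    for name, raw in (("signed", SIGNED), ("mixed", MIXED)):
        print(name, classify(raw), treat_as_signed(raw))
```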