TL;DR: XMPP clients can't distinguish between legitimate and injected messages, even if OMEMO is enabled. The XMPP client just displays injected messages as an unencrypted message from the sender.
In Conversations unauthenticated messages are displayed with a red background, whereas OMEMO authenticated messages are displayed in green. They do not look the same.
As mentioned in the linked article, the behavior upon receiving an injected message is client specific. In any way, the injected message is somehow presented to the (non-technical) user who might then be targeted. We all know the same problem exists in the e-mail world.
> Signal operators can also inject messages to people.
Did you check this, and can you demonstrate a server-side message injection so that the Signal clients display the injected message correctly, leaving the recipient vulnerable to spoofed messages? Would be nice to see for the security community.
> What holds true in both systems is that if someone does this, it's detectable thanks to E2EE.
What also holds true: One system enforces E2EE; for the other system E2EE is optional, depends on the client, and while spoofing could be detected thanks to E2EE, all clients we checked didn't detect it (Gajim, Conversations, Psi+, Profanity).
If you start with an argument 'non trusted server admin can do things to my xmpp', it's strange that you don't apply same logic to Signal admins, who control the server and ship an app to you which you can't really verify.
See https://infosec-handbook.eu/articles/xmpp-aitm/#t5
TL;DR: XMPP clients can't distinguish between legitimate and injected messages, even if OMEMO is enabled. The XMPP client just displays injected messages as an unencrypted message from the sender.