|
|
|
|
|
|
by nitrogen
4003 days ago
|
|
|
If the original message is delivered via SMTP, it's supposedly fairly easy to force unencrypted SMTP if you have a MITM. Then you can just rewrite the URL in the message to a domain for which you have a valid cert, or rewrite it to use http instead of https and intercept/proxy the http requests. |
|
|