Here's my understanding of the quarantining system (If found Bug 1144999 a useful read on this): The POP3 code has an option (mailnews.downloadToTempFile=true) to download messages first into a temporary file, before adding it properly to the mailstore. The reason is to allow antivirus apps to scan the individual email file and potentially quarantine it, rather than quarantining the entire mbox, and screwing up an entire folder-worth of the users email(!). (I'm guessing that TB experiences a quarantine by the AV software as a read error when it tries to access an embargoed file? Can't really see any other sensible way for the AV software to intervene. I'm sure there are some notification hooks in Windows, say. But the the AV still needs deal with apps which don't use those, and I think faking an error is the only way). So far, so good. But there are a few issues: 1) what about other protocols, eg IMAP? (seems to be POP3 only right now!) 2) it seems to cause a lot of strife with filters (lots of bugs reported over the years) 3) it's not needed for maildir, which already writes emails to individual files. (there's code to bypass it, depending on the type of mailstore) My proposal is that quarantining should be handled inside the mailstore code (if required - it'd be a no-op on maildir). This would mean it'd automagically apply to any protocol which wants offline storage, and simplifies the whole mail delivery/filter application code. Stupid idea? Is there anything I'm missing?
Bug 1717147 Comment 0 Edit History
Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.
Here's my understanding of the quarantining system (I found Bug 1144999 a useful read on this): The POP3 code has an option (mailnews.downloadToTempFile=true) to download messages first into a temporary file, before adding it properly to the mailstore. The reason is to allow antivirus apps to scan the individual email file and potentially quarantine it, rather than quarantining the entire mbox, and screwing up an entire folder-worth of the users email(!). (I'm guessing that TB experiences a quarantine by the AV software as a read error when it tries to access an embargoed file? Can't really see any other sensible way for the AV software to intervene. I'm sure there are some notification hooks in Windows, say. But the the AV still needs deal with apps which don't use those, and I think faking an error is the only way). So far, so good. But there are a few issues: 1) what about other protocols, eg IMAP? (seems to be POP3 only right now!) 2) it seems to cause a lot of strife with filters (lots of bugs reported over the years) 3) it's not needed for maildir, which already writes emails to individual files. (there's code to bypass it, depending on the type of mailstore) My proposal is that quarantining should be handled inside the mailstore code (if required - it'd be a no-op on maildir). This would mean it'd automagically apply to any protocol which wants offline storage, and simplifies the whole mail delivery/filter application code. Stupid idea? Is there anything I'm missing?