Closed Bug 307635 Opened 19 years ago Closed 19 years ago

Starting with today's nightly (branch) a lot of newsletters are being marked as scam

Categories

(Thunderbird :: Mail Window Front End, defect)

Product:
Thunderbird
Component:
Mail Window Front End
Platform:
x86
Windows XP
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED INVALID

People

(Reporter: matjaz.bugzilla.2005, Assigned: mscott)

References

Details

Attachments

(1 file)

Mail source
51.87 KB, text/plain
Details 
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8b4) Gecko/20050908 Firefox/1.4
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8b4) Gecko/20050908 Firefox/1.4

With today's build (version 1.5 Beta 1 (20050908)) every Lockergnome mail is
marked as scam - this happens when viewing new and old newsletters (that were
not marked as scam till today), so it definitly isn't the change in Lockergnome
newsletters (unless it has something to do with remote images).

I'm attaching the message source.

Reproducible: Always

Steps to Reproduce:
Attached file Mail source 

    
    

    
  
Ok, I found out that a lot of other newsletters are marked as scam as well,
including Sitepoint, Developer Shed, Scotts Newsletter, some Dr Dobb's
newsletters, some Sun newsletters (Java).

Changed the summary to reflect the latest discovery.

Original summary:
Starting with today's nightly (branch) mail from Lockergnome is marked as scam
Summary: Starting with today's nightly (branch) mail from Lockergnome is marked as scam → Starting with today's nightly (branch) a lot of newsletters are being marked as scam

    
    

    
  
I have a feeling this is because the fix for bug 307024 made the phishing
detector actually test mails that contain named anchor links. Before that fix
any mail with a named anchor at top would never be recognized as a scam I think. 

For instance, in your example the following is one of the things that would have
made it suspect a scam. (Because the link value text contains an web address
which is not the link address. )

 <a
href="mailto:?Subject=From%20Lockergnome:%20Wireless Local Body
Network Soon To Connect All Your Portable
Devices&cc=*********************?&body=Wireless Local Body Network Soon To
Connect All Your Portable
Devices:&nbsp;http://channels.lockergnome.com/web/archives/20050721_wireless_local_body_network_soon_to_connect_all_your_portable_devices.phtml">Send
Link to Friends</a> 

    
    

    
  
Sorry, in your example it is the embedded <form> that makes it trigger the
"possible scam". mailto-links wouldn't trigger it. 

    
    

    
  
-> INVALID since this is actually a result of the phishing detector doing it's
job now (a job which may or may not be ideal, but that's another story)
Status: UNCONFIRMED → RESOLVED
Closed: 19 years ago
Resolution: --- → INVALID

    
    

    
  
*** Bug 317389 has been marked as a duplicate of this bug. ***

    
    

    
  
I have this problem today (1.5.0.2 on Linux) (05/03/2006) even after adding the senders's address to my address book.

I don't want to turn the feature off as it does catch real problems.

There needs to be some way to make it accept some additional things without just blanket acceptance.

I realize this isn't so easy.  Just "whitelisting" an address opens a door for "real" scams using that address.

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: