Closed
Bug 535976
Opened 15 years ago
Closed 14 years ago
Unwanted DNS queries when opening mail, potential privacy issue
Categories
(SeaMonkey :: MailNews: Message Display, defect)
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: lj308, Assigned: standard8)
References
Details
(Keywords: privacy, Whiteboard: [fixed by bug 544745])
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.6) Gecko/20091218 SeaMonkey/2.0.1 Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.1.6) Gecko/20091218 SeaMonkey/2.0.1 When you open a mail message, Seamonkey2 seems to do a DNS query for the hostname in every URL in the message. This happens even for text format messages. These are unwanted and unnecessary. This also creates a potential privacy problem. Seamonkey normally blocks loading remote content from messages, to defeat "web bugs" and the like. With this new Seamonkey2 DNS lookup feature, spammers and other privacy violators may soon realize they can use this feature to detect when their messages are opened. All they have to do is include a unique hostname in a URL in their message. Like this: http://user12345678.mytracker.mysite.example.com With a DNS server that records all lookups to the subdomain mytracker.mysite.example.com, they now can tell when you opened their message. Reproducible: Always Steps to Reproduce: 1. Start up a network analyzer program like wireshark. 2. Open any email, even text/plain, that contains a URL. For example: "You must have Adobe Reader installed on your PC to view the press releases. Adobe Reader can be downloaded free of charge at http://www.adobe.com" 3. Examine the network analyzer display. Actual Results: A DNS lookup for www.adobe.com was sent from Seamonkey. Expected Results: No network traffic, unless I click on a link in the message. I have network.prefetch-next=false, in case it matters. Seamonkey1.1 and Thunderbird2.0.0.23 do not have this issue.
Comment 1•15 years ago
|
||
Does Thunderbird 3 have this issue? It's probably DNS prefetching. What if you change the network.dns.disablePrefetch pref to true? Do you still see the DNS queries then?
Comment 2•15 years ago
|
||
That would be a clear regression of bug 492196, where we explicitly fixed this issue for MailNews...
Comment 3•15 years ago
|
||
Also see bug 486127. I can NOT confirm this with a self-built debug SeaMonkey "Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.7pre) Gecko/20091219 SeaMonkey/2.0.2pre" off the 1.9.1 branch, I'll check with a public build later.
Sorry I do not have Thunderbird 3 available to try it. There is no existing preference network.dns.disablePrefetch so I added it with boolean type, value False, and yes it does stop the DNS lookups when messages are opened. Those two bug reports are this same problem (but they are reported as fixed?) (I did search but failed to find either of those bugs. Sorry. "dns seamonkey mail query" does not find them. Had I tried "dns seamonkey mail queries" it would have popped right up.)
Comment 5•15 years ago
|
||
OK, I can confirm that in "show as plain text" mode, my SeaMonkey 2.0.x requests DNS data for any URL it encounters when I read email. I don't see how it would invade privacy without someone malicious logging my network traffic, owning my DNS server or MITMing my DNS requests, but the described behavior is there.
Comment 6•15 years ago
|
||
Actually, I see how bug 492196 allowed different docshells to allow or disallow DNS prefetch, I haven't found where anything besides the microsummary service sets it deliberately - I haven't yet looked through all results of http://mxr.mozilla.org/comm-central/search?string=AllowDNSPrefetch but nothing obvious strikes out.
Comment 7•15 years ago
|
||
Oops, one look later, I found http://mxr.mozilla.org/comm-central/source/mozilla/docshell/base/nsDocShell.cpp#1950 - now the question is why that seems to not work.
Updated•15 years ago
|
Workaround is to switch of all DNS prefetching with the preference network.dns.disablePrefetch = true
Status: UNCONFIRMED → NEW
Ever confirmed: true
Assignee | ||
Updated•14 years ago
|
Assignee: nobody → bugzilla
OS: Linux → All
Hardware: x86 → All
Updated•14 years ago
|
Depends on: CVE-2009-4629
Assignee | ||
Comment 10•14 years ago
|
||
This has been fixed by the patch on bug 544745.
Status: NEW → RESOLVED
Closed: 14 years ago
Resolution: --- → FIXED
Whiteboard: [fixed by bug 544745]
You need to log in
before you can comment on or make changes to this bug.
Description
•