Closed Bug 118473 Opened 23 years ago Closed 23 years ago

RFE: No HTML mail processing ("sandbox" from webbugs)

Categories

(MailNews Core :: Security, enhancement)

Product:
MailNews Core
Component:
Security
Platform:
x86
Linux
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
VERIFIED DUPLICATE of bug 28327

People

(Reporter: dylang, Assigned: security-bugs)

Details

From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.7+) Gecko/20020103 BuildID: 2002010308 I try with Procmail to reject all HTML email, but sometimes a piece or two will slip through. I want protection from having the HTML engine parse the email, or (preferred for people who receive legit HTML email) have a mode where the engine won't go out and touch anything on the remote network (whitelist of allowed URL resources inside the message). This shouldn't be too hard to implement by someone who has knowledge of the code paths. Insert a switch based on security and privacy in the "content-type" decision path, and have a panel in prefs. Reproducible: Always Steps to Reproduce: 1. Get an HTML spam email with a web bug. 2. Open it. 3. Get much more spam email.
*** This bug has been marked as a duplicate of 28327 ***
Status: UNCONFIRMED → RESOLVED
Closed: 23 years ago
Resolution: --- → DUPLICATE
Verified.
Status: RESOLVED → VERIFIED
Product: MailNews → Core
Product: Core → MailNews Core
You need to log in before you can comment on or make changes to this bug.