Closed Bug 138151 Opened 22 years ago Closed 22 years ago

add feature: disable opening/including images ("http://" infomation) from internet in html-mails

Categories

(MailNews Core :: Security, enhancement)

Product:
MailNews Core
Component:
Security
Platform:
x86
All
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
VERIFIED DUPLICATE of bug 28327

People

(Reporter: hsi, Assigned: security-bugs)

Details

If you get an email in HTML format there could be images from the internet
included (by a <img src="http://www.foo.bar/image.gif"> tag). Sometimes spammers
are using this feature to talkback to their server and tell them the adresse the
spam mail was sent to (by a <img src="http://www.foo.bar/image.php?hsi@gmx.net">
tag). Same could be by including a webpage.

A possibility to prevent that mails to talkback would be the feature to disable
opening "http://"-information by HTML mails. This could be added in the
prefereces dialog as the "advanced -> script and windows" functionality in
mozilla browser currently works.
You should try the RC1 get it's done. Ben Bucksch has added new preferences to
disable some tags in html mails.

But anyway, this bug is a dup.

*** This bug has been marked as a duplicate of 28327 ***
Status: UNCONFIRMED → RESOLVED
Closed: 22 years ago
Resolution: --- → DUPLICATE
Verified dupe.
Status: RESOLVED → VERIFIED
Product: MailNews → Core
Product: Core → MailNews Core
You need to log in before you can comment on or make changes to this bug.