Closed Bug 141559 Opened 22 years ago Closed 22 years ago

SECURITY: mail doesn't respect image security options.

Categories

(MailNews Core :: Security, defect)

Product:
MailNews Core
Component:
Security
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
major

Tracking

(Not tracked)

Status:
VERIFIED DUPLICATE of bug 28327

People

(Reporter: ellson, Assigned: security-bugs)

Details

The spammers are sending email with embedded image URLs with codes in them, and
then tracking users by recognizing when Mozilla mail fetches those URLs.

There urgently needs to be a security option to fetch no images (or other URLs)
when viewing email.

One fix might be to tie into the "images only from same server"
option so that images that are mutipart attachments are OK, but not external
references.

*** This bug has been marked as a duplicate of 97055 ***
Status: UNCONFIRMED → RESOLVED
Closed: 22 years ago
Resolution: --- → DUPLICATE
Marking it as a duplicate of 97055 is insufficient.

This is a SECURITY problem.   97055 is marked as an enhancement and obviously
isn't being treatyed with sufficient priority!
Status: RESOLVED → UNCONFIRMED
Resolution: DUPLICATE → ---

*** This bug has been marked as a duplicate of 28327 ***
Status: UNCONFIRMED → RESOLVED
Closed: 22 years ago22 years ago
Resolution: --- → DUPLICATE
Verified dupe. The problem is known.
Status: RESOLVED → VERIFIED
Product: MailNews → Core
Product: Core → MailNews Core
You need to log in before you can comment on or make changes to this bug.