Closed Bug 1596413 Opened 2 months ago Closed 2 months ago

Positive answer to "Are you sure you want to visit" site is failing for message with IP and link text that isn't a url

Categories

(Thunderbird :: Message Reader UI, defect)

defect
Not set

Tracking

(thunderbird_esr6871+ fixed, thunderbird71 fixed, thunderbird72 fixed)

VERIFIED FIXED
Thunderbird 72.0
Tracking Status
thunderbird_esr68 71+ fixed
thunderbird71 --- fixed
thunderbird72 --- fixed

People

(Reporter: mspiegel, Assigned: mkmelin)

Details

(Keywords: regression)

Attachments

(2 files)

User Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:70.0) Gecko/20100101 Firefox/70.0

Steps to reproduce:

Attached zip contains mail parcel is from my company's potential spam report.
Clicked on "deliver" for either one.

Actual results:

Popup says "Thunderbird thinks this message is a scam. The links in the message may be trying to impersonate web pages ... Are you sure you want to visit [IP addr]?"

Clicking "yes" (as well as "no") does nothing.

Expected results:

Clicking yes is supposed to trigger opening a confirmation web page generated by my company's spam filter (SpamTitan/Titan HQ). If the web page isn't opened, the held email is not delivered. [As it turns out, both emails were promotions from two different music group, and not undesired spam]

Attachment zip contains a screenshot of the pop up, and the spam report email

Hmm, I loaded the message and can see the prompt. The "Yes" button should take me to:
http://205.132.0.197/quarantine.php?secret_id=s0h6imXybrA7&mail_id=ehWkIaQCbLVd&action=release&msgtype=S&ver=3&language=en_US&email=mspiegel@appcomsci.com
which of course wouldn't work for me.

Who's familiar with this area?

Flags: needinfo?(mkmelin+mozilla)
Flags: needinfo?(jsbruner)

I was afraid you might not be able to reproduce....
But at least the link should emit a request to the browser to open up that page.

This problem - not generating a request to open up the page on the already-running Firefox - appeared with most recent Thunderbird release.
This release also has the code to say "Link mismatch detected ... the link you just clicked seems to lead to another site than what the link text indicated" with the options Go to [IP address] Go to [other IP address] (at my company it's urldefense.proofpoint.com). Perhaps they're related?

My full release number is 68.2.2 (32 bit), win7.
Thanks

I was afraid you might not be able to reproduce....

It's reproducible. Something should happen, in my case it should say 205.132.0.197 is 404 or some such.

I see what's going on here.

Assignee: nobody → mkmelin+mozilla
Status: UNCONFIRMED → ASSIGNED
Component: Untriaged → Message Reader UI
Ever confirmed: true
Flags: needinfo?(mkmelin+mozilla)
Flags: needinfo?(jsbruner)
Summary: Positive answer to "Are you sure you want to visit" site is failing → Positive answer to "Are you sure you want to visit" site is failing for message with IP and link text that isn't a url

On trunk you need bug 1596685 too to get the dialog to pop up.

Attachment #9108967 - Flags: review?(jorgk)
Keywords: regression
Comment on attachment 9108967 [details] [diff] [review]
bug1596413_phish_ip.patch

Thanks, this works for me.
Attachment #9108967 - Flags: review?(jorgk)
Attachment #9108967 - Flags: review+
Attachment #9108967 - Flags: approval-comm-esr68+
Attachment #9108967 - Flags: approval-comm-beta+

Pushed by mozilla@jorgk.com:
https://hg.mozilla.org/comm-central/rev/f5213fb4cd25
after confirmation to follow possible scam link, use the right actions for yes/no. r=jorgk

Status: ASSIGNED → RESOLVED
Closed: 2 months ago
Resolution: --- → FIXED
Target Milestone: --- → Thunderbird 72.0

Working in my TB 68.3 build. Fix will ship in December.

Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.