Open
Bug 1675449
Opened 4 years ago
Updated 4 months ago
Email with failing SPF or DKIM should be visually marked as suspicious
Categories
(Thunderbird :: Security, enhancement)
Tracking
(Not tracked)
NEW
People
(Reporter: julien+mozilla, Unassigned)
References
Details
User Agent: Mozilla/5.0 (X11; Linux x86_64; rv:82.0) Gecko/20100101 Firefox/82.0
Steps to reproduce:
Today I received an phishing email, very well formed, very clean, and it landed in my Inbox, up to here, why not.
But the message was failing SPF and DMARC with p=quarantine (which means "flag it or something").
See the headers:
Authentication-Results: mailin008.protonmail.ch; dmarc=fail (p=quarantine dis=none) header.from=wetransfer.com
Authentication-Results: mailin008.protonmail.ch; spf=fail smtp.mailfrom=noreply@wetransfer.com
Authentication-Results: mailin008.protonmail.ch; dkim=none
Actual results:
The email was displayed normally like any other.
Expected results:
I would have enjoyed a visual hint telling me, at least, that the email may not come from the address it tells it comes from.
Comment 1•2 years ago
|
||
In the mean time, you can use https://addons.thunderbird.net/thunderbird/addon/dkim-verifier/
See Also: → 265226
Updated•2 years ago
|
Status: UNCONFIRMED → NEW
Ever confirmed: true
Comment 3•2 years ago
|
||
When confirming a bug, please also move it to a component.
Component: Untriaged → Security
You need to log in
before you can comment on or make changes to this bug.
Description
•