Open
Bug 218942
Opened 21 years ago
Updated 2 years ago
W32.Mimail worm's emails never learned by the spam/junk filter
Categories
(MailNews Core :: Filters, defect)
Tracking
(Not tracked)
NEW
People
(Reporter: adam, Unassigned)
References
Details
Attachments
(2 files)
I'm receiving several large emails a day -- sometimes dozens -- from the W32.Mimail worm. While I don't much care from a security point of view, since I'm not running a platform that it targets, if I mark it as 'junk' (as often as I like) it still never gets 'learned' by Mozilla MailNews' spam filter and always gets through, despite having a very characteristic unobfuscated opening paragraph (and then an attachment -- I don't know if the attachment is randomized). I think that the spam filter really should be able to 'learn' this spam.
Reporter | ||
Comment 1•21 years ago
|
||
Reporter | ||
Comment 2•21 years ago
|
||
Reporter | ||
Comment 3•21 years ago
|
||
Hmm, yes, even the attachments of the worm's emails are virtually the same (one just has a little more cruft on the end for some reason).
Comment 4•21 years ago
|
||
*** Bug 218941 has been marked as a duplicate of this bug. ***
Comment 5•21 years ago
|
||
This also applies to W32.Swen.A@mm virus. I have received 7 in the last two hours and have manually marked each of them as junk. Still, Mozilla does not mark them as such as they come in.
Comment 6•21 years ago
|
||
See also: "JunkMail Controls seem to becomming less effective - not catching Microsoft Patch spam" (W32.Swen.A@mm) thread in n.p.m.mail-news.
Comment 7•21 years ago
|
||
I trained it yesterday and the day before and today I had 6 of them automatically marked as spam. I use mozilla 1.4
Reporter | ||
Comment 8•21 years ago
|
||
After a couple of days of training it seems to catch W32.Swen about 50% of the time. BUT, it correspondingly starts to drop a bunch of pretty obvious 'normal' spams. :) And it's still not learning W32.Mimail.
Comment 9•21 years ago
|
||
*** Bug 223472 has been marked as a duplicate of this bug. ***
Comment 10•21 years ago
|
||
It been noticed that the virus is being altered or being copy-cat repeatly. (It even defy the Norton Anti-Virus temporary when I'm using MS-Outlook until the DAT was updated nightly - Not related to this Mozilla). The question here is how to write a better programming for the Spam/Junk Filter to adapt to the changing nature of the spam mail?
Reporter | ||
Comment 11•21 years ago
|
||
Well, no, that's not really the question -- Mozilla doesn't even seem to learn the vanilla virus. Adapting to mutants would be a different bug.
Updated•20 years ago
|
Product: MailNews → Core
Comment 12•17 years ago
|
||
sorry for the spam. making bugzilla reflect reality as I'm not working on these bugs. filter on FOOBARCHEESE to remove these in bulk.
Assignee: sspitzer → nobody
Assignee | ||
Updated•16 years ago
|
Product: Core → MailNews Core
Updated•2 years ago
|
Severity: normal → S3
You need to log in
before you can comment on or make changes to this bug.
Description
•