User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/20030624 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/20030624 The following is an example of a junk mail that gets recognized (although it shouldn't) by my "known senders" filter rule: --- From - Wed Oct 01 09:24:56 2003 X-UIDL: 002c6065fbbee39cab9c5023eb4e7b46 X-Mozilla-Status: 0401 X-Mozilla-Status2: 00000000 Return-Path: <firstname.lastname@example.org> X-Flags: 0000 Delivered-To: GMX delivery to email@example.com Received: (qmail 8661 invoked by uid 65534); 1 Oct 2003 07:04:31 -0000 Received: from rhenium.btinternet.com (EHLO rhenium.btinternet.com) (184.108.40.206) by mx0.gmx.net (mx033-rz3) with SMTP; 01 Oct 2003 09:04:31 +0200 Received: from dial81-131-178-4.in-addr.btopenworld.com ([220.127.116.11] helo=zuir) by rhenium.btinternet.com with smtp (Exim 3.22 #23) id 1A4asU-0005vq-00; Wed, 01 Oct 2003 07:54:27 +0100 FROM: "Microsoft Internet Mail System" < > TO: "Network Recipient" <firstname.lastname@example.org> SUBJECT: Abort Message Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="nwrpbokni" Message-Id: <E1A4asUemail@example.com> Date: Wed, 01 Oct 2003 07:54:27 +0100 X-GMX-Antivirus: -1 (not scanned, may not use virus scanner) X-GMX-Antispam: 0 (Mail was not recognized as spam) --- I think the problem is related to the first line of the message. My "known senders" filter rule consists of three rules: 1.) check if sender is in address book one 2.) check if sender is in address book two 3.) check if sender contains my domain name Reproducible: Always Steps to Reproduce: see details Actual Results: see details Expected Results: Don't apply the filter rule.
Problem still exists after upgrade to Mozilla 1.5 (stable, WinXP).
"Sender" does not mean "From:" header. For example, "Resent-From:" is also condidered as "Sender". Can you separate your filter to three filters which action is "Move to folder" and take filter log in order to clarify the problem?
Well, it seems that the problem is related to empty email address fields -- that they are matched even if both (address book and email header) are empty! The rule checking it against address books should ignore address book entries with missing email addresses. Filterlog: Applied filter "Known Senders" to message from "" < > - at 10/18/2003 07:44 AM Action = Move to folder mailbox://firstname.lastname@example.org/Inbox/KnownSenders id = 20031018054447.EOTD17813.fep05-svc.mail.telepac.pt@kwzzoow Message source: From - Sat Oct 18 10:41:51 2003 X-UIDL: 7043b34e1e9a67c274d8b9ea41670633 X-Mozilla-Status: 0401 X-Mozilla-Status2: 00000000 Return-Path: <email@example.com> X-Flags: 0000 Delivered-To: GMX delivery to firstname.lastname@example.org Received: (qmail 11993 invoked by uid 65534); 18 Oct 2003 06:32:27 -0000 Received: from unknown (HELO relay1) (18.104.22.168) by mx0.gmx.net (mx027-rz3) with SMTP; 18 Oct 2003 08:32:27 +0200 Received: (qmail 25868 invoked by uid 0); 18 Oct 2003 05:44:52 -0000 Received: from unknown (HELO fep05-svc.mail.telepac.pt) (22.214.171.124) by relay6 with SMTP; 18 Oct 2003 05:44:52 -0000 Received: from kwzzoow ([126.96.36.199]) by fep05-svc.mail.telepac.pt (InterMail vM.5.01.04.13 201-253-122-122-113-20020313) with SMTP id <20031018054447.EOTD17813.fep05-svc.mail.telepac.pt@kwzzoow>; Sat, 18 Oct 2003 06:44:47 +0100 FROM: "" < > TO: "Inet Client" <email@example.com> Mime-Version: 1.0 Content-Type: multipart/alternative; boundary="nodiquqxrkv" Message-Id: <20031018054447.EOTD17813.fep05-svc.mail.telepac.pt@kwzzoow> Date: Sat, 18 Oct 2003 06:44:58 +0100 X-GMX-Antivirus: -1 (not scanned, may not use virus scanner) X-GMX-Antispam: 0 (Mail was not recognized as spam) --nodiquqxrkv Content-Type: text/html Content-Transfer-Encoding: quoted-printable <HTML> <HEAD></HEAD> <BODY> <iframe src=3D"cid:fajizf" height=3D0 width=3D0></iframe> <BR><BR>Hi. <BR>I'm afraid = the message returned below could not be delivered = to one or more destinations.<BR> <BR><BR><BR>Undelivered mail to <B>firstname.lastname@example.org</B> <BR><BR><BR>Message follows:<BR><BR><BR><BR> </BODY></HTML> --nodiquqxrkv Content-Type: audio/x-wav; name="glmoo.exe" Content-Transfer-Encoding: base64 Content-Id: <fajizf>
I confirm this is happening to me also. I have a "knowns" mail filter, which says if the address matches anything in my address book, move to my real inbox. When spammers send emails with a blank from field, or just <>, it is considered matched, and gets moved as if it were from knowns. I already checked, to ensure I do not have any blank addresses in address book. Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.5) Gecko/20031007
*** This bug has been marked as a duplicate of 202169 ***