Phishing State should take precedence over Junk State in the message bar

RESOLVED FIXED in Thunderbird2.0


14 years ago
13 years ago


(Reporter: chris, Assigned: mscott)


({fixed1.8.1, verified1.8.0.4})

fixed1.8.1, verified1.8.0.4
Bug Flags:
blocking1.8.0.4 +

Firefox Tracking Flags

(Not tracked)



(1 attachment)



14 years ago
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.8) Gecko/20050511 Firefox/1.0.4
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.8) Gecko/20050511 Firefox/1.0.4

If you have say a message that was marked as a junk e-mail but also has remote
images and triggers the phishing detector, you only are told by the notification
bar that the message is marked junk. The same holds true if at least two of the
conditions that can trigger the notification are true (say a message is junk and
has remote images, or if it is a phishing e-mail with remote images).

The reason this is bad is simple. If a message is marked as junk but is also a
phishing attack with remote images, I have no idea of that the message could
have one of those other conditions...only that it was marked junk. As the user,
I have not much information at all to go on if the e-mail is not a junk e-mail
or if it is really one as bad as phishing.

Likewise, say a message is both a phishing e-mail and one with remote images,
but has not yet been marked junk. Right now, the remote images notification is
shown but no phishing notification.

I just got an phishing e-mail pretending to be from PayPal today. Thunderbird
rightly said there was remote images in the message, but didn't say it was a
phishing attack. The only way I could know if it was a phishing attack? By
allowing remote images. That is BAD.

Reproducible: Always
This is an automated message, with ID "auto-resolve01".

This bug has had no comments for a long time. Statistically, we have found that
bug reports that have not been confirmed by a second user after three months are
highly unlikely to be the source of a fix to the code.

While your input is very important to us, our resources are limited and so we
are asking for your help in focussing our efforts. If you can still reproduce
this problem in the latest version of the product (see below for how to obtain a
copy) or, for feature requests, if it's not present in the latest version and
you still believe we should implement it, please visit the URL of this bug
(given at the top of this mail) and add a comment to that effect, giving more
reproduction information if you have it.

If it is not a problem any longer, you need take no action. If this bug is not
changed in any way in the next two weeks, it will be automatically resolved.
Thank you for your help in this matter.

The latest beta releases can be obtained from:

Comment 2

14 years ago
I think this bug and bug #297418
( really are duplicates, and
I am posting the same message there.

I do agree that using only one bar for different purposes is bad, and even worse
for the fact that the signaled conditions don't have the same level of badness.
I.e. remote images are usually just annoying, spam is definitely a waste,
phishing is a Bad Thing.
I think Thunderbird should at least rank undesirable conditions according to
their seriousness.

Comment 3

13 years ago
Confirming that the Thunderbird junk/spam warning supercedes the scam/phishing warning and, at the very least, this is backwards.  Scams are worse than spam because there's a risk for identity theft.

Requesting blocking-thunderbird2.
Flags: blocking-thunderbird2?

Comment 4

13 years ago
I agree now that scams should take precedence
Ever confirmed: true
Flags: blocking-thunderbird2?
Summary: Junk, Phishing, & Remote Images detector does not show all conditions → Phishing State should take precedence over Junk State in the message bar
Target Milestone: --- → Thunderbird2.0

Comment 5

13 years ago
Posted patch the fixSplinter Review
gives phishing precedence over junk. This works for most of the cases. Some messages get their phishing URLs stripped out of the message body because of our junk mail sanitizer so we don't actual know that it's a scam until you mark it as not junk.
Attachment #214625 - Flags: superreview?(bienvenu)


13 years ago
Attachment #214625 - Flags: superreview?(bienvenu) → superreview+


13 years ago
Last Resolved: 13 years ago
Keywords: fixed1.8.1
Resolution: --- → FIXED
Flags: blocking1.8.0.3?
Flags: blocking1.8.0.3? → blocking1.8.0.3+
Comment on attachment 214625 [details] [diff] [review]
the fix

approved for 1.8.0 branch, a=dveditz for drivers
Attachment #214625 - Flags: approval1.8.0.4+


13 years ago
Keywords: fixed1.8.0.4
verified with Mac Tbird
Keywords: fixed1.8.0.4 → verified1.8.0.4
You need to log in before you can comment on or make changes to this bug.