User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.8) Gecko/20050511 Firefox/1.0.4 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.8) Gecko/20050511 Firefox/1.0.4 If you have say a message that was marked as a junk e-mail but also has remote images and triggers the phishing detector, you only are told by the notification bar that the message is marked junk. The same holds true if at least two of the conditions that can trigger the notification are true (say a message is junk and has remote images, or if it is a phishing e-mail with remote images). The reason this is bad is simple. If a message is marked as junk but is also a phishing attack with remote images, I have no idea of that the message could have one of those other conditions...only that it was marked junk. As the user, I have not much information at all to go on if the e-mail is not a junk e-mail or if it is really one as bad as phishing. Likewise, say a message is both a phishing e-mail and one with remote images, but has not yet been marked junk. Right now, the remote images notification is shown but no phishing notification. I just got an phishing e-mail pretending to be from PayPal today. Thunderbird rightly said there was remote images in the message, but didn't say it was a phishing attack. The only way I could know if it was a phishing attack? By allowing remote images. That is BAD. Reproducible: Always
This is an automated message, with ID "auto-resolve01". This bug has had no comments for a long time. Statistically, we have found that bug reports that have not been confirmed by a second user after three months are highly unlikely to be the source of a fix to the code. While your input is very important to us, our resources are limited and so we are asking for your help in focussing our efforts. If you can still reproduce this problem in the latest version of the product (see below for how to obtain a copy) or, for feature requests, if it's not present in the latest version and you still believe we should implement it, please visit the URL of this bug (given at the top of this mail) and add a comment to that effect, giving more reproduction information if you have it. If it is not a problem any longer, you need take no action. If this bug is not changed in any way in the next two weeks, it will be automatically resolved. Thank you for your help in this matter. The latest beta releases can be obtained from: Firefox: http://www.mozilla.org/projects/firefox/ Thunderbird: http://www.mozilla.org/products/thunderbird/releases/1.5beta1.html Seamonkey: http://www.mozilla.org/projects/seamonkey/
I think this bug and bug #297418 (https://bugzilla.mozilla.org/show_bug.cgi?id=297418) really are duplicates, and I am posting the same message there. I do agree that using only one bar for different purposes is bad, and even worse for the fact that the signaled conditions don't have the same level of badness. I.e. remote images are usually just annoying, spam is definitely a waste, phishing is a Bad Thing. I think Thunderbird should at least rank undesirable conditions according to their seriousness.
Confirming that the Thunderbird junk/spam warning supercedes the scam/phishing warning and, at the very least, this is backwards. Scams are worse than spam because there's a risk for identity theft. Requesting blocking-thunderbird2.
I agree now that scams should take precedence
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Summary: Junk, Phishing, & Remote Images detector does not show all conditions → Phishing State should take precedence over Junk State in the message bar
Target Milestone: --- → Thunderbird2.0
Created attachment 214625 [details] [diff] [review] the fix gives phishing precedence over junk. This works for most of the cases. Some messages get their phishing URLs stripped out of the message body because of our junk mail sanitizer so we don't actual know that it's a scam until you mark it as not junk.
Attachment #214625 - Flags: superreview?(bienvenu)
Attachment #214625 - Flags: superreview?(bienvenu) → superreview+
Status: ASSIGNED → RESOLVED
Last Resolved: 12 years ago
Resolution: --- → FIXED
Flags: blocking188.8.131.52? → blocking184.108.40.206+
Comment on attachment 214625 [details] [diff] [review] the fix approved for 1.8.0 branch, a=dveditz for drivers
Attachment #214625 - Flags: approval220.127.116.11+
verified with Mac Tbird 18.104.22.168rc3
Keywords: fixed22.214.171.124 → verified126.96.36.199
You need to log in before you can comment on or make changes to this bug.