Closed Bug 307635 Opened 20 years ago Closed 20 years ago

Starting with today's nightly (branch) a lot of newsletters are being marked as scam

Categories

(Thunderbird :: Mail Window Front End, defect)

Product:
Thunderbird
Component:
Mail Window Front End
Platform:
x86
Windows XP
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED INVALID

People

(Reporter: matjaz.bugzilla.2005, Assigned: mscott)

References

Details

Attachments

(1 file)

Mail source
51.87 KB, text/plain
Details
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8b4) Gecko/20050908 Firefox/1.4 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8b4) Gecko/20050908 Firefox/1.4 With today's build (version 1.5 Beta 1 (20050908)) every Lockergnome mail is marked as scam - this happens when viewing new and old newsletters (that were not marked as scam till today), so it definitly isn't the change in Lockergnome newsletters (unless it has something to do with remote images). I'm attaching the message source. Reproducible: Always Steps to Reproduce:
Attached file Mail source
Ok, I found out that a lot of other newsletters are marked as scam as well, including Sitepoint, Developer Shed, Scotts Newsletter, some Dr Dobb's newsletters, some Sun newsletters (Java). Changed the summary to reflect the latest discovery. Original summary: Starting with today's nightly (branch) mail from Lockergnome is marked as scam
Summary: Starting with today's nightly (branch) mail from Lockergnome is marked as scam → Starting with today's nightly (branch) a lot of newsletters are being marked as scam
I have a feeling this is because the fix for bug 307024 made the phishing detector actually test mails that contain named anchor links. Before that fix any mail with a named anchor at top would never be recognized as a scam I think. For instance, in your example the following is one of the things that would have made it suspect a scam. (Because the link value text contains an web address which is not the link address. ) <a href="mailto:?Subject=From%20Lockergnome:%20Wireless Local Body Network Soon To Connect All Your Portable Devices&cc=*********************?&body=Wireless Local Body Network Soon To Connect All Your Portable Devices:&nbsp;http://channels.lockergnome.com/web/archives/20050721_wireless_local_body_network_soon_to_connect_all_your_portable_devices.phtml">Send Link to Friends</a>
Sorry, in your example it is the embedded <form> that makes it trigger the "possible scam". mailto-links wouldn't trigger it.
-> INVALID since this is actually a result of the phishing detector doing it's job now (a job which may or may not be ideal, but that's another story)
Status: UNCONFIRMED → RESOLVED
Closed: 20 years ago
Resolution: --- → INVALID
*** Bug 317389 has been marked as a duplicate of this bug. ***
I have this problem today (1.5.0.2 on Linux) (05/03/2006) even after adding the senders's address to my address book. I don't want to turn the feature off as it does catch real problems. There needs to be some way to make it accept some additional things without just blanket acceptance. I realize this isn't so easy. Just "whitelisting" an address opens a door for "real" scams using that address.
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: