Starting with today's nightly (branch) a lot of newsletters are being marked as scam

RESOLVED INVALID

Status

RESOLVED INVALID
13 years ago
13 years ago

People

(Reporter: matjaz.bugzilla.2005, Assigned: mscott)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

51.87 KB, text/plain
Details
(Reporter)

Description

13 years ago
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8b4) Gecko/20050908 Firefox/1.4
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8b4) Gecko/20050908 Firefox/1.4

With today's build (version 1.5 Beta 1 (20050908)) every Lockergnome mail is
marked as scam - this happens when viewing new and old newsletters (that were
not marked as scam till today), so it definitly isn't the change in Lockergnome
newsletters (unless it has something to do with remote images).

I'm attaching the message source.

Reproducible: Always

Steps to Reproduce:
(Reporter)

Comment 1

13 years ago
Created attachment 195373 [details]
Mail source
(Reporter)

Comment 2

13 years ago
Ok, I found out that a lot of other newsletters are marked as scam as well,
including Sitepoint, Developer Shed, Scotts Newsletter, some Dr Dobb's
newsletters, some Sun newsletters (Java).

Changed the summary to reflect the latest discovery.

Original summary:
Starting with today's nightly (branch) mail from Lockergnome is marked as scam
Summary: Starting with today's nightly (branch) mail from Lockergnome is marked as scam → Starting with today's nightly (branch) a lot of newsletters are being marked as scam
I have a feeling this is because the fix for bug 307024 made the phishing
detector actually test mails that contain named anchor links. Before that fix
any mail with a named anchor at top would never be recognized as a scam I think. 

For instance, in your example the following is one of the things that would have
made it suspect a scam. (Because the link value text contains an web address
which is not the link address. )

 <a
href="mailto:?Subject=From%20Lockergnome:%20Wireless Local Body
Network Soon To Connect All Your Portable
Devices&cc=*********************?&body=Wireless Local Body Network Soon To
Connect All Your Portable
Devices:&nbsp;http://channels.lockergnome.com/web/archives/20050721_wireless_local_body_network_soon_to_connect_all_your_portable_devices.phtml">Send
Link to Friends</a> 
Sorry, in your example it is the embedded <form> that makes it trigger the
"possible scam". mailto-links wouldn't trigger it. 
-> INVALID since this is actually a result of the phishing detector doing it's
job now (a job which may or may not be ideal, but that's another story)
Status: UNCONFIRMED → RESOLVED
Last Resolved: 13 years ago
Resolution: --- → INVALID
*** Bug 317389 has been marked as a duplicate of this bug. ***

Comment 7

13 years ago
I have this problem today (1.5.0.2 on Linux) (05/03/2006) even after adding the senders's address to my address book.

I don't want to turn the feature off as it does catch real problems.

There needs to be some way to make it accept some additional things without just blanket acceptance.

I realize this isn't so easy.  Just "whitelisting" an address opens a door for "real" scams using that address.
You need to log in before you can comment on or make changes to this bug.