Closed
Bug 320352
Opened 19 years ago
Closed 19 years ago
newsletters always detected as scams
Categories
(Thunderbird :: General, defect)
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 320351
People
(Reporter: mikel, Assigned: mscott)
Details
Attachments
(1 file)
40.45 KB,
text/plain
|
Details |
Can anybody tell me why Australian IT "Ping" newsletters are always flagged as a possible scam? I will attach one in a moment since I can't do so when first reporting the bug.
Reporter | ||
Comment 1•19 years ago
|
||
Comment 2•19 years ago
|
||
Michael, this is pretty much the same as your previous bug. *** This bug has been marked as a duplicate of 320351 ***
Status: NEW → RESOLVED
Closed: 19 years ago
Resolution: --- → DUPLICATE
Reporter | ||
Comment 3•19 years ago
|
||
No, this is more like a support request for the specifics of this message. Can somebody who understands the phishing/scam algorithm tell me what token or attribute of the message caused it to be flagged as a scam? I can't find anything wrong with the message; it looks legitimate to me. If there is something that makes it look like a scam, I'd like to know what it is so that I can notify the newsletter provider, hoping that they can modify their newsletter so it is not constantly flagged. Also, as I understand it, one of the main things the scam detection does is look for URLs containing IP addresses. I couldn't find any in this message. I wonder if the message encoding causes the scam detection to flag URLs that span multiple lines or contain line continuation characters.
Status: RESOLVED → REOPENED
Resolution: DUPLICATE → ---
Comment 4•19 years ago
|
||
> No, this is more like a support request for the specifics of this message. Bugzilla is *NOT* the place for support requests, use the Mozilla newsgroups or Mozillazine fora for this. That said, > Can somebody who understands the phishing/scam algorithm tell me what token or > attribute of the message caused it to be flagged as a scam? The scam detection algorithm lives here: <http://lxr.mozilla.org/seamonkey/source/mail/base/content/phishingDetector.js> and includes quite some comments what it actually does, eg. this: 72 // if an e-mail contains a form element, then assume the message is a phishing attack. 73 // Legitimate sites should not be using forms inside of e-mail. 74 if (!isEmailScam && msgDocument.getElementsByTagName("form").length > 0) 75 isEmailScam = true; *** This bug has been marked as a duplicate of 320351 ***
Status: REOPENED → RESOLVED
Closed: 19 years ago → 19 years ago
Resolution: --- → DUPLICATE
You need to log in
before you can comment on or make changes to this bug.
Description
•