vCard sometimes cause heuristic scanners to generate a false positive

RESOLVED FIXED

Status

defect
--
major
RESOLVED FIXED
12 years ago
11 years ago

People

(Reporter: iann_bugzilla, Assigned: iann_bugzilla)

Tracking

({fixed-seamonkey1.1.5, fixed1.8.1.8})

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment, 1 obsolete attachment)

Steps to reproduce:
1/ Have an email address in the form of first.second@your.domain.com
2/ Create a vCard and set it to be attached to all out going email
3/ Send an email to someone with a heuristic scanner component to their AV

Expect result
1/ Email gets delivered

Actual result
1/ Email gets bounced back with messages saying it is a possible virus

Looking at the actual bounce message shows the heuristic scanner does not like attachments with more than one dot in as it thinks it has a double extension.
In theory should ask AV makers to make their heuristic scanners more intelligent i.e. anything ending .vcf is unlikely to be infected but in practise might be easier to make mailnews just not put dots in the filename of the vCard.

Workaround
1/ Get user to switch off vCard for emails sent to people with such AV heuristic scanners.
Relevant code is at http://lxr.mozilla.org/seamonkey/source/mailnews/compose/src/nsMsgCompose.cpp#1206
Should be just a matter of applying something like .ReplaceChar('.', '_')
Posted patch Add ReplaceChar patch v0.1 (obsolete) — Splinter Review
This patch:
* Adds a .ReplaceChar to change dots to underscores for filename of vCard attachment
Assignee: nobody → iann_bugzilla
Status: NEW → ASSIGNED
Attachment #281150 - Flags: superreview?(bienvenu)
Attachment #281150 - Flags: review?(neil)
Comment on attachment 281150 [details] [diff] [review]
Add ReplaceChar patch v0.1

Looks reasonable to me.
Attachment #281150 - Flags: review?(neil) → review+
Comment on attachment 281150 [details] [diff] [review]
Add ReplaceChar patch v0.1

so, instead of referencing the bug # in the comment, I think it's nicer to just spell out the problem in place.
Attachment #281150 - Flags: superreview?(bienvenu) → superreview+
Revised comment to include the reason rather than the bug number.
Carrying forward r/sr= and requesting branch approval for a very low risk patch that works round an annoying bug with some heuristic scanners
Attachment #281150 - Attachment is obsolete: true
Attachment #281566 - Flags: superreview+
Attachment #281566 - Flags: review+
Attachment #281566 - Flags: approval1.8.1.8?
Comment on attachment 281566 [details] [diff] [review]
Patch with revised comment v0.1a (Checked into trunk and 1.8 branch)

Checking in (trunk)
nsMsgCompose.cpp;
new revision: 1.529; previous revision: 1.528
done
Attachment #281566 - Attachment description: Patch with revised comment v0.1a → Patch with revised comment v0.1a (Checked into trunk)
Status: ASSIGNED → RESOLVED
Closed: 12 years ago
Resolution: --- → FIXED
Comment on attachment 281566 [details] [diff] [review]
Patch with revised comment v0.1a (Checked into trunk and 1.8 branch)

As this is MailNews-only and is code shared between our different mail apps, requesting thunderbird approval instead of core approval is better.
For the record, I consider this a-seamonkey1.1.5=me as a SeaMonkey Council member (IanN) is the requestee of the 1.8.1.8 approval.
Attachment #281566 - Flags: approval-thunderbird2?
Comment on attachment 281566 [details] [diff] [review]
Patch with revised comment v0.1a (Checked into trunk and 1.8 branch)

a=mscott for 1.8.1.8 if we can get this landed ASAP. The code freeze for 1.8.1.8 is right around the corner.
Attachment #281566 - Flags: approval1.8.1.8?
Attachment #281566 - Flags: approval1.8.1.8+
Attachment #281566 - Flags: approval-thunderbird2?
Comment on attachment 281566 [details] [diff] [review]
Patch with revised comment v0.1a (Checked into trunk and 1.8 branch)

Checking in (1.8 branch)
nsMsgCompose.cpp;
new revision: 1.460.2.34; previous revision: 1.460.2.33
done
Attachment #281566 - Attachment description: Patch with revised comment v0.1a (Checked into trunk) → Patch with revised comment v0.1a (Checked into trunk and 1.8 branch)
Product: Core → MailNews Core
You need to log in before you can comment on or make changes to this bug.