Last Comment Bug 396377 - vCard sometimes cause heuristic scanners to generate a false positive
: vCard sometimes cause heuristic scanners to generate a false positive
Status: RESOLVED FIXED
: fixed-seamonkey1.1.5, fixed1.8.1.8
Product: MailNews Core
Classification: Components
Component: Attachments (show other bugs)
: Trunk
: All All
: -- major (vote)
: ---
Assigned To: Ian Neal
:
:
Mentors:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2007-09-16 15:15 PDT by Ian Neal
Modified: 2008-07-31 04:30 PDT (History)
0 users
See Also:
Crash Signature:
(edit)
QA Whiteboard:
Iteration: ---
Points: ---


Attachments
Add ReplaceChar patch v0.1 (1.04 KB, patch)
2007-09-17 00:12 PDT, Ian Neal
neil: review+
mozilla: superreview+
Details | Diff | Splinter Review
Patch with revised comment v0.1a (Checked into trunk and 1.8 branch) (1.12 KB, patch)
2007-09-19 16:37 PDT, Ian Neal
iann_bugzilla: review+
iann_bugzilla: superreview+
mscott: approval1.8.1.8+
Details | Diff | Splinter Review

Description Ian Neal 2007-09-16 15:15:09 PDT
Steps to reproduce:
1/ Have an email address in the form of first.second@your.domain.com
2/ Create a vCard and set it to be attached to all out going email
3/ Send an email to someone with a heuristic scanner component to their AV

Expect result
1/ Email gets delivered

Actual result
1/ Email gets bounced back with messages saying it is a possible virus

Looking at the actual bounce message shows the heuristic scanner does not like attachments with more than one dot in as it thinks it has a double extension.
In theory should ask AV makers to make their heuristic scanners more intelligent i.e. anything ending .vcf is unlikely to be infected but in practise might be easier to make mailnews just not put dots in the filename of the vCard.

Workaround
1/ Get user to switch off vCard for emails sent to people with such AV heuristic scanners.
Comment 1 Ian Neal 2007-09-16 15:44:12 PDT
Relevant code is at http://lxr.mozilla.org/seamonkey/source/mailnews/compose/src/nsMsgCompose.cpp#1206
Should be just a matter of applying something like .ReplaceChar('.', '_')
Comment 2 Ian Neal 2007-09-17 00:12:48 PDT
Created attachment 281150 [details] [diff] [review]
Add ReplaceChar patch v0.1

This patch:
* Adds a .ReplaceChar to change dots to underscores for filename of vCard attachment
Comment 3 neil@parkwaycc.co.uk 2007-09-18 06:31:32 PDT
Comment on attachment 281150 [details] [diff] [review]
Add ReplaceChar patch v0.1

Looks reasonable to me.
Comment 4 David :Bienvenu 2007-09-18 15:56:53 PDT
Comment on attachment 281150 [details] [diff] [review]
Add ReplaceChar patch v0.1

so, instead of referencing the bug # in the comment, I think it's nicer to just spell out the problem in place.
Comment 5 Ian Neal 2007-09-19 16:37:48 PDT
Created attachment 281566 [details] [diff] [review]
Patch with revised comment v0.1a (Checked into trunk and 1.8 branch)

Revised comment to include the reason rather than the bug number.
Carrying forward r/sr= and requesting branch approval for a very low risk patch that works round an annoying bug with some heuristic scanners
Comment 6 Ian Neal 2007-09-20 15:50:31 PDT
Comment on attachment 281566 [details] [diff] [review]
Patch with revised comment v0.1a (Checked into trunk and 1.8 branch)

Checking in (trunk)
nsMsgCompose.cpp;
new revision: 1.529; previous revision: 1.528
done
Comment 7 Robert Kaiser 2007-09-24 17:58:32 PDT
Comment on attachment 281566 [details] [diff] [review]
Patch with revised comment v0.1a (Checked into trunk and 1.8 branch)

As this is MailNews-only and is code shared between our different mail apps, requesting thunderbird approval instead of core approval is better.
For the record, I consider this a-seamonkey1.1.5=me as a SeaMonkey Council member (IanN) is the requestee of the 1.8.1.8 approval.
Comment 8 Scott MacGregor 2007-09-30 22:21:26 PDT
Comment on attachment 281566 [details] [diff] [review]
Patch with revised comment v0.1a (Checked into trunk and 1.8 branch)

a=mscott for 1.8.1.8 if we can get this landed ASAP. The code freeze for 1.8.1.8 is right around the corner.
Comment 9 Ian Neal 2007-10-01 23:20:57 PDT
Comment on attachment 281566 [details] [diff] [review]
Patch with revised comment v0.1a (Checked into trunk and 1.8 branch)

Checking in (1.8 branch)
nsMsgCompose.cpp;
new revision: 1.460.2.34; previous revision: 1.460.2.33
done

Note You need to log in before you can comment on or make changes to this bug.