scam warnings in a plaintext message

ASSIGNED
Assigned to

Status

SeaMonkey
MailNews: Message Display
--
minor
ASSIGNED
8 years ago
2 years ago

People

(Reporter: Lapo Luchini, Assigned: Wasim Thabraze)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

(Whiteboard: [good first bug] [lang=js] [2012 Fall Equinox] [seamonkey-2.0.10-affected])

(Reporter)

Description

8 years ago
User-Agent:       Mozilla/5.0 (X11; U; FreeBSD amd64; en-US) AppleWebKit/534.14 (KHTML, like Gecko) Chrome/10.0.603.0 Safari/534.14
Build Identifier: Mozilla/5.0 (X11; U; FreeBSD amd64; en-US; rv:1.9.1.15) Gecko/20101102 SeaMonkey/2.0.10

I have received a scam warning in a plaintext email, probably on the basis that a link wasn't what I seemed to be, which seems a bit silly to me since a plaintext can't hide anything and the link was auto-generated.

Reproducible: Always

Steps to Reproduce:
This is what I think what happened:
1. the email contained the almost-link "url=http://127.0.0.1:<port>/service?wsdl"
2. the "http://127.0.0.1:" part became an auto-generated link to "http://127.0.0.1/"
3. the link was found linking to an URL different from what it did show and this activated the scam warning
Actual Results:  
Scam warning.

Expected Results:  
Auto-generated links should not be subject to the "different text from link" warning since, well, they are auto-generated and moreover a plaintext message can't possibly have "hidden" links or stuff.

I can't attach the full email as it is work related and kinda private, but shouldn't bee to difficult to reproduce the problem including the URL I mentioned in the body of any mail.
Confirming with Mozilla/5.0 (X11; U; Linux i686 (x86_64); en-US; rv:1.9.1.17pre) Gecko/20101209 Lightning/1.0b1 SeaMonkey/2.0.12pre

May be a backend issue, don't know how scam detection works.

Funny thing, the bug mail also shows the scam warning ;)
Status: UNCONFIRMED → NEW
Ever confirmed: true
OS: FreeBSD → All
Hardware: x86_64 → All
Summary: scam warnings in a plaintext ,essage → scam warnings in a plaintext message

Comment 2

8 years ago
I think this means that we basically want to port bug 362434 from TB, which - among other things - fixes this.

Updated

8 years ago
Whiteboard: [good first bug]
Bug 362434 is all in one JS file, but no one-liner (-58, +166). I wonder how easy the port will be…

…Hm, for one thing, trying to "dumbly" apply the patch to the suite file of the same name (suite/mailnews/phishingDetector.js) results in all three hunks being rejected. Will need some more love.
Whiteboard: [good first bug] → [good first bug] [lang=js] [2012 Fall Equinox]
(Assignee)

Comment 4

2 years ago
Hello,

Is this bug still open? I love to work on this bug.

Can one of the mentors assign this bug to me? I hope to get it resolved.

Thank you.
(In reply to Wasim Thabraze from comment #4)
> Hello,
> 
> Is this bug still open? I love to work on this bug.
> 
> Can one of the mentors assign this bug to me? I hope to get it resolved.
> 
> Thank you.

Earlier comments mention Thunderbird bug 362434, but I think that this particular bug might be the SeaMonkey equivalent of Thunderbird bug 937265. You might want to have a look at both of them.

I'm not specifically a mentor, but I've fixed a few very simple bugs, and I love it when I see someone new willing to work on SeaMonkey bugs. I hope you won't find this bug too hard for you. ;-)
Assignee: nobody → waseem.tabraze
Status: NEW → ASSIGNED
Whiteboard: [good first bug] [lang=js] [2012 Fall Equinox] → [good first bug] [lang=js] [2012 Fall Equinox] [seamonkey-2.0.10-affected]
Version: unspecified → Trunk
Wasim: Any progress (or questions)?
Flags: needinfo?(waseem.tabraze)
(Assignee)

Comment 7

2 years ago
Sorry for the inactivity @Tony. My health wasn't supporting me.

By the way, I'm starting to work on this bug. I'll update the progress soon!

Thank You.
Flags: needinfo?(waseem.tabraze)
You need to log in before you can comment on or make changes to this bug.