Open Bug 654502 (mail-scam) Opened 8 years ago Updated 5 months ago
Tracking bug for improvements of Thunderbird's scam / phishing detection and user interaction
Given that a lot of bugs are currently pending to somehow increase the functionality of the scam/phishing feature in Thunderbird I'm opening this tracking bug (see bug 653798 comment #6). Some of these bugs relate to a specific issue, some of them propose short-term workarounds until the feature is completed, and others suggest more long-term improvements to the detection algorithm and the inclusion of a phishing list similar to what Firefox does. I've added dependencies to bugs which are currently open and confirmed and contain specific or general suggestions how to improve the scam detection. Some of those may be obsolete by now or duplicates of others, thus may need further verification. Please feel free to add or remove bugs as appropriate.
Can someone in copy of this bug give an advice about what should be done with bug 764112 ? Is there a (meta) bug that could be used to list all the type of message that shouldn't be recognize as scam? Thanks in advance!
The /scam/ filter (not the /junk/ handling, that's frequently mixed up) is mostly triggered by inconsistencies in where a link suggests to go vs. where it actually points to. The ability to learn is bug 320351 with some more analysis on the current algorithm, where I don't see how attachment 632365 [details] triggers it, but that may be hidden in a part that was removed for size or privacy reasons. Bug 320351 comment #34 suggests to solve the issue by keeping a whitelist of target web domains considered trustworthy, not source e-mail domains which can be easily forged. Thus, that's a good dupe for bug 764112, and there is also bug 368924 asking for a global phishing list (like Google's used by Firefox) which may be complementary to the local user-specific whitelist.
So what should we do with this kind of reports: Bug 764112 - Thunderbird shouldn't recognize message from pcimpact.com as scams Bug 781884 - Thunderbird scam detection generates false positives on all mail from well-known websites (just created yesterday!) I think we cannot use them until we have clearly understand what trigger the scam warning. As you said, the txt file attached in bug 764112 is not sufficient, so I suppose that we need an eml file? Any other ideas? Last but not least, what is the "component" for this kind of issues? They actually fall into "General", which is maybe not the best...
(In reply to Vincent (caméléon) from comment #3) > I think we cannot use them until we have clearly understand what trigger the > scam warning. As you said, the txt file attached in bug 764112 is not > sufficient, so I suppose that we need an eml file? Any other ideas? Agreed, as a minimum, both the triggering link along with the text above it needs to be given (as commented in bug 691901 comment #8) needs to be given to see what triggers the warning. An EML file certainly helps, where posting just the link sections should be sufficient if the reporter considers the full header or the message content personal and doesn't want to disclose it public. > Last but not least, what is the "component" for this kind of issues? They > actually fall into "General", which is maybe not the best... I've seen some bugs in the "Security" component which isn't a perfect match either, but setting the "privacy" keyword should be appropriate.
Great tracker, thanks rsx11m :)
Depends on: 1001790
Adding tentative URL to find dependants of this bug. https://bugzilla.mozilla.org/buglist.cgi?quicksearch=%3Athun%2Cmailn%20link%20scam%2Cphish%2Cfake
You need to log in before you can comment on or make changes to this bug.