Safe Browsing (was: SeaMonkey is overly parranoid and has inadequate error message)
On Thu, 13 Sep 2012 07:23:26 -0500, Richard Owlett wrote: > For more than a half century I've been a learn by experiment > learner. Before posting my initial message I had looked at > headers of messages that were tagged as possible scam and > those which were not. I spotted no difference. Afterwards I > did a little more experimentation to determine exactly what > SeaMonkey found objectionable. > > SeaMonkey thinks the existence of a numeric URL in the body > of a message indicates a possible scam. > > After reading your post, I sent myself two one line > messages. The body of one was "www.example.com". The body of > the other was "http://1.2.3.4";. [Obviously without quotation > marks] > > [Note to new users following this thread - You can see the > complete headers either by using CNTRL-U while reading the > message or by a Right-click in message body and choosing > "Forward" in the menu.] Currently our scam detection is a hard coded piece of code that looks for a limited number of patterns including URLs using numeric IPs e.g."http://1.2.3.4";. Thunderbird's code was originally similar but they moved long ago to use the Firefox/Google "Safe Browsing" API. This downloads regular updates from Google's safe browsing servers. At the moment Thunderbird is using a very old version of the Firefox code. I plan look into implementing Safe Browsing in SeaMonkey once the large chunk of non Firefox specific SB code is moved into a shared location (Bug 778608). Your references: Bug 477718 - Implement Phishing Protection (a.k.a. Safe Browsing) support in SeaMonkey. Bug 769960 - Refactor the terrifying code in nsSafebrowsingApplication.js. Bug 778608 - Move SafeBrowsing.jsm to toolkit. Bug 778611 - TB/SM should use toolkit SafeBrowsing code. Phil -- Philip Chee , http://flashblock.mozdev.org/ http://xsidebar.mozdev.org Guard us from the she-wolf and the wolf, and guard us from the thief, oh Night, and so be good for us to pass. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Unresolved 6 year old BUG - was [Re: SeaMonkey is overly parranoid and has inadequate error message]
Philip TAYLOR wrote: Richard Owlett wrote: The second lists 15 related bugs. I'm not yet familiar enough with Bugzilla to be able to say if they are being worked on. Assigned To: Nobody; OK to take it and work on it Philip Taylor Contents of the "Assigned To:" field is not a true representation of how much work is being done on a particular problem. That appears much more to be an administrative tag regarding responsibility having been assigned to a particular person or group. The contents of the Comment fields are more indicative of work being done on the problem. Bug 654502 list 15 related bugs. I used Bugzilla's search function and came up with 38. There is only partial overlap between the lists. I can see "Assigned To:" remaining as "Nobody; OK to take it and work on it" forever (even when resolved). It's the nature of volunteer group efforts. ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: Unresolved 6 year old BUG - was [Re: SeaMonkey is overly parranoid and has inadequate error message]
Richard Owlett wrote: The second lists 15 related bugs. I'm not yet familiar enough with Bugzilla to be able to say if they are being worked on. Assigned To:Nobody; OK to take it and work on it Philip Taylor ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Unresolved 6 year old BUG - was [Re: SeaMonkey is overly parranoid and has inadequate error message]
Did some more searching. There are at least 2 bugs reports covering this problem. 324820 filed 2006-01-26 -- Summary: "might be an email scam" warning needs to explain how detected 654502 filed 2011-05-03 -- Summary: Tracking bug for improvements of Thunderbird's scam / phishing detection and ... The second lists 15 related bugs. I'm not yet familiar enough with Bugzilla to be able to say if they are being worked on. Richard Owlett wrote: My ISP (small local firm) provides spam and virus filters on all email accounts. They use software from www.barracudanetworks.com . I have two problems with SeaMonkey's response to messages from my ISP that there are emails in my quarantine folder. 1. SeaMonkey flags all these messages as a possible scam. The messages are in HTML and have a link to click through to my quarantined message and to page to modify my preferences. 2. When I click on any of the links I receive a warning message that the URL is numeric. How can I "white list" these messages and that specific URL? Each incoming notification does have a button for "Not a scam". But that only deletes the warning for that specific notification, not the next one from my ISP :< ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: SeaMonkey is overly parranoid and has inadequate error message
Bill Davidsen wrote: Richard Owlett wrote: My ISP (small local firm) provides spam and virus filters on all email accounts. They use software from www.barracudanetworks.com . I have two problems with SeaMonkey's response to messages from my ISP that there are emails in my quarantine folder. 1. SeaMonkey flags all these messages as a possible scam. The messages are in HTML and have a link to click through to my quarantined message and to page to modify my preferences. 2. When I click on any of the links I receive a warning message that the URL is numeric. How can I "white list" these messages and that specific URL? Each incoming notification does have a button for "Not a scam". But that only deletes the warning for that specific notification, not the next one from my ISP :< I will give you some hints, but because (a) you use Windows, and (b) you undoubtedly don't run your own mail server, I can't give you step by step instructions. This info from my notes. The "scam" stuff is set in a header line in the message seemingly added by SM. It's one of the X-Mozilla-Status lines. If the message looks like a scam a bit will be set for the message, clear the bit to make the warning go away. In my case I simply added the flag lines in my custom perl mail filter which works with spamassassin to preprocess mail. How you do it is up to you, if you're a programmer and want to play with the mail file wherever SM puts them in Windows, go to it and share your results. I suspect this will help with understanding more than solution, but there it is. Sorry. You are in error ;) For more than a half century I've been a learn by experiment learner. Before posting my initial message I had looked at headers of messages that were tagged as possible scam and those which were not. I spotted no difference. Afterwards I did a little more experimentation to determine exactly what SeaMonkey found objectionable. SeaMonkey thinks the existence of a numeric URL in the body of a message indicates a possible scam. After reading your post, I sent myself two one line messages. The body of one was "www.example.com". The body of the other was "http://1.2.3.4";. [Obviously without quotation marks] [Note to new users following this thread - You can see the complete headers either by using CNTRL-U while reading the message or by a Right-click in message body and choosing "Forward" in the menu.] The results are below with some personally identifiable info --deleted-- . *MESSAGE 1* From - Thu Sep 13 06:18:28 2012 X-Account-Key: account2 X-UIDL: --deleted-- X-Mozilla-Status: 0001 X-Mozilla-Status2: X-Mozilla-Keys: Return-Path: Received: --deleted-- Message-ID: --deleted-- Date: Thu, 13 Sep 2012 06:17:55 -0500 From: Richard Owlett User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:15.0) Gecko/20120826 Firefox/15.0 SeaMonkey/2.12 MIME-Version: 1.0 To: Richard Owlett Subject: test scam2 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-SmarterMail-TotalSpamWeight: 0 (Authenticated) www.example.com From - Thu Sep 13 06:16:31 2012 X-Account-Key: account2 X-UIDL: --deleted-- X-Mozilla-Status: 0001 X-Mozilla-Status2: X-Mozilla-Keys: Return-Path: Received: --deleted-- Message-ID: --deleted-- Date: Thu, 13 Sep 2012 06:16:13 -0500 From: Richard Owlett User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:15.0) Gecko/20120826 Firefox/15.0 SeaMonkey/2.12 MIME-Version: 1.0 To: Richard Owlett Subject: test scam1 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-SmarterMail-TotalSpamWeight: 0 (Authenticated) http://1.2.3.4 *MESSAGE 2* ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: SeaMonkey is overly parranoid and has inadequate error message
Lucas Levrel a écrit :
Le 12 septembre 2012, Richard Owlett a écrit :
My ISP (small local firm) provides spam and virus filters on all email
accounts.
If these filters are enough, you can disable SM's junk filtering
altogether for that account.
I am not convinced that Seamonkey flagging something as
a suspected e-mail scam ("Seamonkey thinks this message
might be an email scam") has anything to do with its
junk filtering at all; they appear to be orthogonal.
Philip Taylor
___
support-seamonkey mailing list
support-seamonkey@lists.mozilla.org
https://lists.mozilla.org/listinfo/support-seamonkey
Re: SeaMonkey is overly parranoid and has inadequate error message
Le 12 septembre 2012, Richard Owlett a écrit : My ISP (small local firm) provides spam and virus filters on all email accounts. If these filters are enough, you can disable SM's junk filtering altogether for that account. -- LL ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: SeaMonkey is overly parranoid and has inadequate error message
Richard Owlett wrote: My ISP (small local firm) provides spam and virus filters on all email accounts. They use software from www.barracudanetworks.com . I have two problems with SeaMonkey's response to messages from my ISP that there are emails in my quarantine folder. 1. SeaMonkey flags all these messages as a possible scam. The messages are in HTML and have a link to click through to my quarantined message and to page to modify my preferences. 2. When I click on any of the links I receive a warning message that the URL is numeric. How can I "white list" these messages and that specific URL? Each incoming notification does have a button for "Not a scam". But that only deletes the warning for that specific notification, not the next one from my ISP :< I will give you some hints, but because (a) you use Windows, and (b) you undoubtedly don't run your own mail server, I can't give you step by step instructions. This info from my notes. The "scam" stuff is set in a header line in the message seemingly added by SM. It's one of the X-Mozilla-Status lines. If the message looks like a scam a bit will be set for the message, clear the bit to make the warning go away. In my case I simply added the flag lines in my custom perl mail filter which works with spamassassin to preprocess mail. How you do it is up to you, if you're a programmer and want to play with the mail file wherever SM puts them in Windows, go to it and share your results. I suspect this will help with understanding more than solution, but there it is. -- Bill Davidsen We are not out of the woods yet, but we know the direction and have taken the first step. The steps are many, but finite in number, and if we persevere we will reach our destination. -me, 2010 ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
Re: SeaMonkey is overly parranoid and has inadequate error message
Richard Owlett wrote: My ISP (small local firm) provides spam and virus filters on all email accounts. They use software from www.barracudanetworks.com . I have two problems with SeaMonkey's response to messages from my ISP that there are emails in my quarantine folder. 1. SeaMonkey flags all these messages as a possible scam. The messages are in HTML and have a link to click through to my quarantined message and to page to modify my preferences. Same here : my college uses "Webroot Email security service" and no matter how many times I tell Seamonkey "Not a scam", it never learns. Philip Taylor ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
SeaMonkey is overly parranoid and has inadequate error message
My ISP (small local firm) provides spam and virus filters on all email accounts. They use software from www.barracudanetworks.com . I have two problems with SeaMonkey's response to messages from my ISP that there are emails in my quarantine folder. 1. SeaMonkey flags all these messages as a possible scam. The messages are in HTML and have a link to click through to my quarantined message and to page to modify my preferences. 2. When I click on any of the links I receive a warning message that the URL is numeric. How can I "white list" these messages and that specific URL? Each incoming notification does have a button for "Not a scam". But that only deletes the warning for that specific notification, not the next one from my ISP :< ___ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey
