Philip Prindeville wrote:
As someone who occasionally contributes fixes to T-bird, I get
a little tired of adding total braindeath to multi-platform software
because of one OS that has so many security holes.
Frankly, making the message subject be the "file name" is itself "total
braindeath"
Kenneth Porter wrote:
>--On Wednesday, December 27, 2006 12:16 PM -0700 Philip Prindeville
><[EMAIL PROTECTED]> wrote:
>
>
>
>>Thunderbird names the attachment whatever the subject line is,
>>and encodes it as message/rfc822.
>>
>>
>
>I'd raise a bug against Thunderbird. It's really a bug/v
On 28 Dec 2006 at 1:29, Jan-Pieter Cornet wrote:
> I'm not aware if this same bug can be hit by common windows MUAs
> like outlook express, but it would frankly astonish me if there
> isn't a windows MUA out there that isn't susceptible to this.
Any MUA that does not embed IE in order to display
On Wed, Dec 27, 2006 at 03:12:55PM -0500, David F. Skoll wrote:
> I've heard rumours that if Windows cannot determine what to do with a
> file based on the MIME type or file name, it actually looks at the
> "magic values" in the file to determine the file type. If this is the
> case (I have no way
--On Wednesday, December 27, 2006 12:16 PM -0700 Philip Prindeville
<[EMAIL PROTECTED]> wrote:
Thunderbird names the attachment whatever the subject line is,
and encodes it as message/rfc822.
I'd raise a bug against Thunderbird. It's really a bug/vulnerability in
Windows, but Tbird should at
Ben Poliakoff wrote:
> Yes, it's a lose-lose situation.
> I see this issue fairly frequently at my site. Many of our users have
> their mailers set to forward messages as attachments. The most common
> victims are electronic receipts (i.e. "Your Order with Amazon.com").
> I'd love to figure
* David F. Skoll <[EMAIL PROTECTED]> [20061227 11:27]:
> Philip Prindeville wrote:
>
> > Would it make more sense to suppress this test if the
> > attachment type's Mime info doesn't suggest it's dangerous?
>
> No, because Windows sometimes ignores
Philip Prindeville wrote:
> Would it make more sense to suppress this test if the
> attachment type's Mime info doesn't suggest it's dangerous?
No, because Windows sometimes ignores the MIME type and goes by
filename. It's a lose-lose situation.
--
David.
___
Hmmm
I had an email that was titled "Re: Broken DNS for ctwg.com"
which I tried to forward to someone as an attachment from
Thunderbird.
Thunderbird names the attachment whatever the subject line is,
and encodes it as message/rfc822.
Alas, MdF is seeing an attachment names ".com" and decidin
9 matches
Mail list logo
