Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

TB SPAM filter can't on embedded links

  • 3 replies
  • 0 have this problem
  • 4 views
  • Last reply by Matt

more options

SPAM Filters are "Weak" I've been researching the SPAM I do get and putting into a database to further analyze I use [ctl+u] to show the "source" of the e-mail Then use [ctl+f] to "Find" a text string I type in. In this case "Http:" I see several matches within this document or if I hover over an embedded object in the e-mail I see the same "http..." links These links ALL start the same way and after the first "." (dot), they are very different in each e-mail to the next e-mail from the same SPAMer. So, I Parse out the 1st N Chars up to the 1st "." These "Parsed" links are responsible for 90% of the SPAM I get http://email. https://caribbeansuneyewear. http://tros.

  With this guy sending me >400 mails from Dec-2021 thru May-2022!

http://kral.

Seems to me if you guys could create a filter that would allow users to filter on an embedded link's web address, that a SIGNIFICANT MAJORITY of the SPAM would be caught (and stopped)

The current filters are not cutting it.The "From:", "To:", etc. are already "tweaked" by SPAMers and can't be accurately (i.e 100%) used. (Per several TB forum entries)

The only thing I found, in the TB forum, relating to this is: https://support.mozilla.org/en-US/questions/1303892 Matt: Top 10 Contributor Moderator 9/13/20, 12:41 AM I will just cut to the chase, the filters have access to the body text of the email, not the source HTML.

SPAM Filters are "Weak" I've been researching the SPAM I do get and putting into a database to further analyze I use [ctl+u] to show the "source" of the e-mail Then use [ctl+f] to "Find" a text string I type in. In this case "Http:" I see several matches within this document or if I hover over an embedded object in the e-mail I see the same "http..." links These links ALL start the same way and after the first "." (dot), they are very different in each e-mail to the next e-mail from the same SPAMer. So, I Parse out the 1st N Chars up to the 1st "." These "Parsed" links are responsible for 90% of the SPAM I get http://email. https://caribbeansuneyewear. http://tros. With this guy sending me >400 mails from Dec-2021 thru May-2022! http://kral. Seems to me if you guys could create a filter that would allow users to filter on an embedded link's web address, that a SIGNIFICANT MAJORITY of the SPAM would be caught (and stopped) The current filters are not cutting it.The "From:", "To:", etc. are already "tweaked" by SPAMers and can't be accurately (i.e 100%) used. (Per several TB forum entries) The only thing I found, in the TB forum, relating to this is: https://support.mozilla.org/en-US/questions/1303892 Matt: Top 10 Contributor Moderator 9/13/20, 12:41 AM I will just cut to the chase, the filters have access to the body text of the email, not the source HTML.

All Replies (3)

more options

This appears to be identical in all major respects to your topic from March which no one answered because you clearly understood you could not do what you wanted to do with basic Thunderbird.

Yet here we are again, this time with two questions in two days. Repetition is not going to change the answer. I answered the original question you link to and now I am just repeating myself.

Back in 2017 you asked and were told where to file a bug requesting an enhancement. With the release of V102, Thunderbird have moved feedback to https://connect.mozilla.org/ So now you have the option of formally requesting an enhancement via Bugzilla or submitting feedback or suggestions in the less formal environment of connect.

So far all the discussion is about manual filters, which you apparently desire to use to block certain domains. You should be aware that it is generally considered to be a complete waste of time manually filtering spam. The time invested in the filters is more than that consumed dealing with the spam.

Thunderbird's bayesian spam filter The source of which is located here https://searchfox.org/comm-central/source/mailnews/extensions/bayesian-spam-filter/nsBayesianFilter.cpp has significant enhancements over the basic manual filtering. All it requires of the user is that they click on spam to mark it as junk.

However as you are already aware manual filters have no access to the message source, only the displayed body. I doubt there is anything actually support related in this discussion.

more options

Matt,

   Thanks for the timely response.

I just want the large amount of SPAM coming from the SAME guys, to stop

In your reply from my March you "Suggested" manual filters. https://support.mozilla.org/en-US/questions/1372353 Yet, in the above, you state that they are a "complete waste of time manually filtering spam" So it seems as time goes on, your response has changed.

I pursue manual filters as the TB "Junk" feature doesn't work, as submitted in https://support.mozilla.org/en-US/questions/1386724 Which you promptly dismissed as a "Duplicate" record and closed it. Maybe I should have called the record "Junk Filters not working" instead of "SPAM & Junk Filters" I ask you to please reread this record and tell me what I'm doing wrong with the "Junk" feature, as it clearly doesn't work.

Furthermore, in your March response you stated: "Thunderbird filters allow access to the message text, not the source HTML. There are some security issues allowing access directly to the source as Thunderbird routinely sanitizes the HTML it displays."

   I agree with you that manual filters only catch "dumb spammers" and the only way I see to 

catch the smarter ones, is to add the embedded links capability to the TB "Junk" feature. This should rein in any "security issues" as you guys have complete control over the way TB determines junk. This would then NOT allow the end user access to them and would prevent miss-use/abuse.

Thanks for your time,

more options

blugene said

Matt, Thanks for the timely response. I just want the large amount of SPAM coming from the SAME guys, to stop In your reply from my March you "Suggested" manual filters. https://support.mozilla.org/en-US/questions/1372353 Yet, in the above, you state that they are a "complete waste of time manually filtering spam" So it seems as time goes on, your response has changed.

But my opinion has not. I find these forums to be inhabited by folk that are determined to do it there way regardless. If the automated system will not do it for you, your choices are use manual filters or live with it.

You are aware that Junk filtering is not picking the messages you want picked. You are aware that you can not access the URL's in messages using manual filters. I have reiterated that. Provided you with access to the source code of the junk filtering system and advised you where to lodge enhancement requests and submit feedback. Yet you are still posting in this topic.

Mozillazine have a good article on the junk filter. http://kb.mozillazine.org/Junk_Mail_Controls This goes into more detail than the Mozilla.org support site article. https://support.mozilla.org/en-US/kb/thunderbird-and-junk-spam-messages

You might do something with the filaquilla addon https://addons.thunderbird.net/en-US/thunderbird/addon/filtaquilla/ It at least uses the tokens from the spam email to train the junk filter. Although it have the same access limitations to message body is my understanding.

If you have suggestions for improving the junk filter to do what you want it to do, then the connect.mozilla.org site I pointed you to is the place to make those suggestions.