The following is based on some initial usability bug reports that has later spawned new dataloss concerns. The purpose of this posting is to discuss the issue of attachments in so far as how they relate to security.
For reference: ------------------- Delete attachment from msg in folder http://bugzilla.mozilla.org/show_bug.cgi?id=2920 RFE: Ability to Edit/delete attachments in mail/news http://bugzilla.mozilla.org/show_bug.cgi?id=121728 Security impact by mozilla automatically attempting to download mail parts http://bugzilla.mozilla.org/show_bug.cgi?id=109249 Deleted inbox after receiving virus infected mail http://bugzilla.mozilla.org/show_bug.cgi?id=116443 The first two bugs here deal with usability, where the second two have serious security and data integrity issues. All of these are related in how Mozilla deals with E-Mail attachments in general. Positions Thus Far: -------------------- Mozilla stores mail in what is called the mbox format, which is a common means for doing so under Unix. This allows for maximum flexibility in between platforms. The entirety of all the messages in a folder, to include attachments, is stored in a single file. One suggestion, that I am in favor of, is to strip the attachments from incoming E-mail to a directory underneath /Mail prior to storing the body to the InBox. This is not consistent with the mbox format, and is considerably different from how Mozilla handles mail today. The best example of an app doing this is Eudora. The advantages to this approach have to do with both living in harmony with the wide variety of anti-virus software out there, and allowing users to keep the text potions of E-mail while being able to remove large attachments. The main counterpoint to this is that it is important to maintain the integrity of the mbox format for backups and portability. By changing to a different way of handling things would overly complicate portability between OS's and mail clients. Dataloss involving AV apps should be should be considered the responsiblity of the AV vendors. Attachments are part of the E-Mail message, and should remain as such unless the entire message is deleted. (note: I hope I'm fairly representing this) Along side of these two points of discussion also resides how much automation should be allowed for E-Mail messages. Bug #109249 has a discussion running on this. I've included this as it relates to security of handling attachments. Discussion: --------------------- Which of these points is best for Mozilla in the long run? Are there alternative methods to be considered? What are the pros and cons of the various approaches? Later on, -- "Outside of a dog, a book is man's best friend. Inside of a dog, it's too dark to read." - Groucho Marx
