Michael Collette wrote: > The following is based on some initial usability bug reports that has later > spawned new dataloss concerns. The purpose of this posting is to discuss > the issue of attachments in so far as how they relate to security. > > For reference: > ------------------- > Delete attachment from msg in folder > http://bugzilla.mozilla.org/show_bug.cgi?id=2920 > > RFE: Ability to Edit/delete attachments in mail/news > http://bugzilla.mozilla.org/show_bug.cgi?id=121728 > > Security impact by mozilla automatically attempting to download mail parts > http://bugzilla.mozilla.org/show_bug.cgi?id=109249 > > Deleted inbox after receiving virus infected mail > http://bugzilla.mozilla.org/show_bug.cgi?id=116443 > > The first two bugs here deal with usability, where the second two have > serious security and data integrity issues. All of these are related in > how Mozilla deals with E-Mail attachments in general. > > Positions Thus Far: > -------------------- > Mozilla stores mail in what is called the mbox format, which is a common > means for doing so under Unix. This allows for maximum flexibility in > between platforms. The entirety of all the messages in a folder, to > include attachments, is stored in a single file. > > One suggestion, that I am in favor of, is to strip the attachments from > incoming E-mail to a directory underneath /Mail prior to storing the body > to the InBox. This is not consistent with the mbox format, and is > considerably different from how Mozilla handles mail today. The best > example of an app doing this is Eudora. The advantages to this approach > have to do with both living in harmony with the wide variety of anti-virus > software out there, and allowing users to keep the text potions of E-mail > while being able to remove large attachments. > > The main counterpoint to this is that it is important to maintain the > integrity of the mbox format for backups and portability. By changing to a > different way of handling things would overly complicate portability > between OS's and mail clients. Dataloss involving AV apps should be should > be considered the responsiblity of the AV vendors. Attachments are part of > the E-Mail message, and should remain as such unless the entire message is > deleted. > (note: I hope I'm fairly representing this) > > Along side of these two points of discussion also resides how much > automation should be allowed for E-Mail messages. Bug #109249 has a > discussion running on this. I've included this as it relates to security > of handling attachments. > > Discussion: > --------------------- > Which of these points is best for Mozilla in the long run? Are there > alternative methods to be considered? What are the pros and cons of the > various approaches? > > Later on, >
I hope, this contribution is at the right place here. Sorry, if not, I am new here. I think, at the moment Mozilla Mail is less secure than a carefully configured Outlook Express. If I get a new message in my inbox, I can not see if the message contains an attachment - OE indicates that, so I cann take a look at the source text if it. Few days ago I received a BadTrans infected mail, and I got the "save-to-disk"-dialog immediatedly. (And the warning of my AV software) A symbol to indicate that this *new unread* message has an attachment would be very useful. Further, I made another test: I sent a html-file as an attachment (using Lotus Notes 4.5x) from my office to two of my privae mail-accounts. Mozilla Mail displays the html-file directly, OE (correctly) shows only the attachment that has to be opened/saved manually. In my opinion, this should be fixed in order to increase security. (I use Mozilla 0.9.7 20011221) Michael
