Mozilla VPN is currently experiencing an outage. Our team is actively working to resolve the issue. Please check the status page for real-time updates. Thank you for your patience.

Avatar for Username

Pesquisar no site de suporte

Evite golpes de suporte. Nunca pedimos que você ligue ou envie uma mensagem de texto para um número de telefone, ou compartilhe informações pessoais. Denuncie atividades suspeitas usando a opção “Denunciar abuso”.

Saiba mais

Esta discussão foi arquivada. Faça uma nova pergunta se precisa de ajuda.

European hackers

  • 2 respostas
  • 0 tem este problema
  • 5 visualizações
  • Última resposta de fn.eskesen

fn.eskesen
fn.eskesen
more options

THUNDERBIRD: I've been getting hacker/phishing e-mails on one of my accounts. These are usually but not always from different EU countries. I have message filters that gets most but not all of them. The hacker e-mails are full of random /ab/cd/... hex characters. I think they're trying to use some sort of buffer overflow exploit. I don't think you have it. They also send short message with "click here to unsubscribe" and not much else. (Naturally, I don't "click here".)

I have two questions: 1) It's not clear on the message filters whether I should delete them before or after the junk filter. Either way some of them seem to sneak through to the trash folder. What's the recommended setting so that the filter action takes place? (Filter action == delete) 2) I tried adding a check in the message body for /ad/ or something else. With the body containing all sorts of /hex-pair/ random stuff, the check was pretty sure to hit. The delete action never seemed to work. (Sometimes clicking on the inbox then back to the trash folder gets rid of them. Sometimes not.) These apparent attempt to exploit buffer overflow messages do not contain normal written text.

Maybe you could help me find some other way of auto-deleting this junk. It comes in with all sorts of random subject titles that I can tell are this spam, but would be hard to auto-detect without a sophisticated AI.

THUNDERBIRD: I've been getting hacker/phishing e-mails on one of my accounts. These are usually but not always from different EU countries. I have message filters that gets most but not all of them. The hacker e-mails are full of random /ab/cd/... hex characters. I think they're trying to use some sort of buffer overflow exploit. I don't think you have it. They also send short message with "click here to unsubscribe" and not much else. (Naturally, I don't "click here".) I have two questions: 1) It's not clear on the message filters whether I should delete them before or after the junk filter. Either way some of them seem to sneak through to the trash folder. What's the recommended setting so that the filter action takes place? (Filter action == delete) 2) I tried adding a check in the message body for /ad/ or something else. With the body containing all sorts of /hex-pair/ random stuff, the check was pretty sure to hit. The delete action never seemed to work. (Sometimes clicking on the inbox then back to the trash folder gets rid of them. Sometimes not.) These apparent attempt to exploit buffer overflow messages do not contain normal written text. Maybe you could help me find some other way of auto-deleting this junk. It comes in with all sorts of random subject titles that I can tell are this spam, but would be hard to auto-detect without a sophisticated AI.

Alterado por fn.eskesen em

Solução escolhida

Attempting to fight spam messages with static filters is futile. Better use the built-in junk mail controls. https://support.mozilla.org/kb/thunderbird-and-junk-spam-messages

Email messages are plain text, there is no binary content in an email message. Hence there is no way causing a buffer overflow from just opening an email message.

Ler esta resposta 👍 1

Todas as respostas (2)

christ1
christ1
  • Top 25 Contributor
more options

Solução escolhida

Attempting to fight spam messages with static filters is futile. Better use the built-in junk mail controls. https://support.mozilla.org/kb/thunderbird-and-junk-spam-messages

Email messages are plain text, there is no binary content in an email message. Hence there is no way causing a buffer overflow from just opening an email message.

fn.eskesen
fn.eskesen Autor da pergunta
more options

The message that contained large meaningless text looked like they might have been a buffer overflow attack. I'm pretty confident that Thunderbird isn't vulnerable to that, but other mail readers exist. I haven't been been using the junk filter approach but will start doing that immediately. You're right, static filters are futile.

Thanks for your advice. It's helpful and spot on.