
List:       evolution
Subject:    Re: [Evolution] Tell how to handle malicious email in Evolution Help and make defanged examples into
From:       Andre Klapper <ak-47 () gmx ! net>
Date:       2018-11-18 9:00:35
Message-ID: 6e8bad0933d310f72787a942df5fb26b41f367d5.camel () gmx ! net

On Sat, 2018-11-17 at 16:06 -0800, Lee McKusick wrote:
> I am writing to suggest the Evolution help file be updated with
> instructions on how to safely capture a malicious email

There is neither something Evolution specific nor something "malicious
email" specific, I'd say:
You can click "File > Save as mbox...", as for any other email.
Hence that sounds out of scope for the Evolution help file.

> , and further, how to deal with some of the malicious emails

Like any other email: You can delete emails you don't want, you can
ignore emails, ... neither Evo specific nor "malicious" specific.

>  and yet further, how to clean up the system if a really persistent
> bad email can not be removed.

If some email cannot be deleted in Evolution for some reason that would
be a bug. Bugs with clear steps to reproduce can be reported at
https://gitlab.gnome.org/GNOME/evolution/issues/new

> Additionally, we should have a way of collecting some captured
> emails,

Who is "we"? See above how to save / "capture" an email.

> defanging them and making them available as test tools so a system
> administrator can confirm instances of Evolution on user machines are
> updated and safe from malicious take-over. 

Your system administrator and you are welcome to set up a process to
collect such emails (for some reason I do not understand yet).

> I got a really nasty email that drew red lines and switched all
> incoming mail to the Junk folder. Fooling me for several days.

That sounds unlikely. If such things happened, exact steps to
reproduce, a testcase, and account info (IMAP? POP?) are welcome.

> I have been running Evolution on Ubuntu Linux for years. The other day
> about November 8, 2018. I received a remarkably malicious email, which
> was so nasty I deleted it with prejudice.
> 
> This email drew a red line through about six subject lines 3 above and
> 3 below itself. Further, this email routed all my incoming mail to the
> Junk folder. 

That sounds unrelated to that email. A red subject line means that your
junk filter decided that the email is junk. You can disable displaying
junk messages in your mail folder via "View > Show Junk Messages".

"routing": Which email account type is this about? Local? Remote?

> My guess is the method of drawing red lines was accomplished by filling
> the subject line with terminal control characters. That is an old trick
> dating back to teletype terminals that used backspace and overtyping to
> underline text.

We will only find out for sure with a test case.

> I started searching trying to find guidance on how to handle this
> email. I was puzzled that I simply couldn't find any good current
> information about this malicious email. My guess is this malicious
> email is an old trick being deliberately sent in hopes that the odd
> Evolution user such as myself is at the other end.
> 
> The second trick that the malicious email did, is it routed all my
> emails to the Junk folder. This email appears to have poked a false
> account name called "Enabled checkbox On this computer Default
> greencheckbox maildir" into the preferences->account name table.

I don't see how the creation of such an account would be related to
"routing emails to the Junk folder".

Which email account type(s) is this about? 
How exactly is spam filtering set up? Server-side? In Evolution?
Spamassassin? Bogofilter? Something else?

Cheers,
andre
-- 
Andre Klapper  |  ak-47@gmx.net
https://blogs.gnome.org/aklapper/
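
The thread leaves open whether the subject line really carried terminal control characters. The following is an added example (not part of the original messages and not Evolution code) of how a message saved with "File > Save as mbox..." could be inspected for them without rendering it. The function names and the sample mbox are constructed for illustration.

```python
import mailbox
import tempfile
import unicodedata
from email.header import decode_header

FOLDING = {"\t", "\r", "\n"}  # legitimately present in folded header values

def decode_subject(raw):
    """Decode RFC 2047 encoded-words to text; nothing is rendered."""
    parts = []
    for chunk, charset in decode_header(raw):
        if isinstance(chunk, bytes):
            try:
                chunk = chunk.decode(charset or "ascii", errors="replace")
            except LookupError:  # unknown charset label
                chunk = chunk.decode("latin-1")
        parts.append(chunk)
    return "".join(parts)

def control_chars(text):
    """List (offset, code point) for every control character in text."""
    return [(i, f"U+{ord(c):04X}") for i, c in enumerate(text)
            if unicodedata.category(c) == "Cc" and c not in FOLDING]

def scan_mbox(path):
    """Map message index -> (escaped subject, findings) for flagged mail."""
    report = {}
    box = mailbox.mbox(path, create=False)
    try:
        for idx, msg in enumerate(box):
            subject = decode_subject(msg.get("Subject", ""))
            hits = control_chars(subject)
            if hits:
                report[idx] = (subject.encode("unicode_escape").decode(), hits)
    finally:
        box.close()
    return report

# Constructed sample mbox (not captured mail): clean, raw backspaces, encoded ESC.
SAMPLE = (
    b"From sender@example.invalid Thu Nov  8 10:00:00 2018\n"
    b"Subject: Meeting notes\n\nbody\n\n"
    b"From sender@example.invalid Thu Nov  8 10:01:00 2018\n"
    b"Subject: Offer\x08\x08\x08\x08\x08_____\n\nbody\n\n"
    b"From sender@example.invalid Thu Nov  8 10:02:00 2018\n"
    b"Subject: =?utf-8?q?Re=3A_status=1B=5B31m?=\n\nbody\n"
)

def write_sample():
    """Write the constructed sample to a temporary file and return its path."""
    with tempfile.NamedTemporaryFile(suffix=".mbox", delete=False) as fh:
        fh.write(SAMPLE)
        return fh.name
```

Calling `scan_mbox()` on the saved file returns the escaped subject and the offsets of each control character, which is the kind of test case a bug report can include.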

