Zoeken in Support

Vermijd ondersteuningsscams. We zullen u nooit vragen een telefoonnummer te bellen, er een sms naar te sturen of persoonlijke gegevens te delen. Meld verdachte activiteit met de optie ‘Misbruik melden’.

Meer info

Deze conversatie is gearchiveerd. Stel een nieuwe vraag als u hulp nodig hebt.

European hackers

  • 2 antwoorden
  • 0 hebben dit probleem
  • 26 weergaven
  • Laatste antwoord van fn.eskesen

more options

THUNDERBIRD: I've been getting hacker/phishing e-mails on one of my accounts. These are usually but not always from different EU countries. I have message filters that gets most but not all of them. The hacker e-mails are full of random /ab/cd/... hex characters. I think they're trying to use some sort of buffer overflow exploit. I don't think you have it. They also send short message with "click here to unsubscribe" and not much else. (Naturally, I don't "click here".)

I have two questions: 1) It's not clear on the message filters whether I should delete them before or after the junk filter. Either way some of them seem to sneak through to the trash folder. What's the recommended setting so that the filter action takes place? (Filter action == delete) 2) I tried adding a check in the message body for /ad/ or something else. With the body containing all sorts of /hex-pair/ random stuff, the check was pretty sure to hit. The delete action never seemed to work. (Sometimes clicking on the inbox then back to the trash folder gets rid of them. Sometimes not.) These apparent attempt to exploit buffer overflow messages do not contain normal written text.

Maybe you could help me find some other way of auto-deleting this junk. It comes in with all sorts of random subject titles that I can tell are this spam, but would be hard to auto-detect without a sophisticated AI.

THUNDERBIRD: I've been getting hacker/phishing e-mails on one of my accounts. These are usually but not always from different EU countries. I have message filters that gets most but not all of them. The hacker e-mails are full of random /ab/cd/... hex characters. I think they're trying to use some sort of buffer overflow exploit. I don't think you have it. They also send short message with "click here to unsubscribe" and not much else. (Naturally, I don't "click here".) I have two questions: 1) It's not clear on the message filters whether I should delete them before or after the junk filter. Either way some of them seem to sneak through to the trash folder. What's the recommended setting so that the filter action takes place? (Filter action == delete) 2) I tried adding a check in the message body for /ad/ or something else. With the body containing all sorts of /hex-pair/ random stuff, the check was pretty sure to hit. The delete action never seemed to work. (Sometimes clicking on the inbox then back to the trash folder gets rid of them. Sometimes not.) These apparent attempt to exploit buffer overflow messages do not contain normal written text. Maybe you could help me find some other way of auto-deleting this junk. It comes in with all sorts of random subject titles that I can tell are this spam, but would be hard to auto-detect without a sophisticated AI.

Bewerkt door fn.eskesen op

Gekozen oplossing

Attempting to fight spam messages with static filters is futile. Better use the built-in junk mail controls. https://support.mozilla.org/kb/thunderbird-and-junk-spam-messages

Email messages are plain text, there is no binary content in an email message. Hence there is no way causing a buffer overflow from just opening an email message.

Dit antwoord in context lezen 👍 1

Alle antwoorden (2)

more options

Gekozen oplossing

Attempting to fight spam messages with static filters is futile. Better use the built-in junk mail controls. https://support.mozilla.org/kb/thunderbird-and-junk-spam-messages

Email messages are plain text, there is no binary content in an email message. Hence there is no way causing a buffer overflow from just opening an email message.

more options

The message that contained large meaningless text looked like they might have been a buffer overflow attack. I'm pretty confident that Thunderbird isn't vulnerable to that, but other mail readers exist. I haven't been been using the junk filter approach but will start doing that immediately. You're right, static filters are futile.

Thanks for your advice. It's helpful and spot on.