Bug 385998

Summary: Scam detection reads GnuPG output, giving false positives
Product: [Applications] kmail2 Reporter: Karl-Johan Karlsson <creideiki+kdebugs>
Component: UIAssignee: kdepim bugs <pim-bugs-null>
Status: RESOLVED FIXED    
Severity: minor    
Priority: NOR    
Version First Reported In: unspecified   
Target Milestone: ---   
Platform: Other   
OS: Linux   
Latest Commit: Version Fixed/Implemented In:
Sentry Crash Report:

Description Karl-Johan Karlsson 2017-10-20 16:22:32 UTC 
This is for version 5.6.2, which is not an available alternative.

GnuPG key BF8806F188590D8F includes a user ID containing an HTTPS URL. When looking at a mail signed by that key, KMail complains that it is a scam, citing:

   This email contains a link (mailto:https://censored,address@censored,address@censored,https://censored) which contains multiple http://. This is often the case in scam emails.

Scam detection should only operate on the text of the e-mail itself, not locally generated GnuPG output.
Comment 1 Justin Zobel 2022-11-10 08:52:07 UTC 
Thank you for reporting this issue in KDE software. As it has been a while since this issue was reported, can we please ask you to see if you can reproduce the issue with a recent software version?

If you can reproduce the issue, please change the status to "REPORTED" when replying. Thank you!
Comment 2 Karl-Johan Karlsson 2022-11-10 09:05:14 UTC 
I checked on KMail 5.21.3, and can no longer reproduce this problem.