385998 – Scam detection reads GnuPG output, giving false positives

Bug 385998 - Scam detection reads GnuPG output, giving false positives

Summary: Scam detection reads GnuPG output, giving false positives

Status:	RESOLVED FIXED

Alias:	None

Product:	kmail2
Classification:	Applications
Component:	UI (show other bugs)
Version:	unspecified
Platform:	Other Linux

Importance:	NOR minor
Target Milestone:	---
Assignee:	kdepim bugs

URL:
Keywords:

Depends on:
Blocks:

Reported:	2017-10-20 16:22 UTC by Karl-Johan Karlsson
Modified:	2022-11-10 09:05 UTC (History)
CC List:	0 users

See Also:
Latest Commit:
Version Fixed In:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.

Description Karl-Johan Karlsson 2017-10-20 16:22:32 UTC

This is for version 5.6.2, which is not an available alternative.

GnuPG key BF8806F188590D8F includes a user ID containing an HTTPS URL. When looking at a mail signed by that key, KMail complains that it is a scam, citing:

   This email contains a link (mailto:https://censored,address@censored,address@censored,https://censored) which contains multiple http://. This is often the case in scam emails.

Scam detection should only operate on the text of the e-mail itself, not locally generated GnuPG output.

Comment 1 Justin Zobel 2022-11-10 08:52:07 UTC

Thank you for reporting this issue in KDE software. As it has been a while since this issue was reported, can we please ask you to see if you can reproduce the issue with a recent software version?

If you can reproduce the issue, please change the status to "REPORTED" when replying. Thank you!

Comment 2 Karl-Johan Karlsson 2022-11-10 09:05:14 UTC

I checked on KMail 5.21.3, and can no longer reproduce this problem.