Join the AMA (Ask Me Anything) with the Firefox leadership team to celebrate Firefox 20th anniversary and discuss Firefox’s future on Mozilla Connect. Mark your calendar on Thursday, November 14, 18:00 - 20:00 UTC!

Funkcionalnosć toś togo sedła se pśez wótwardowańske źěła wobgranicujo, kótarež maju wašo dožywjenje pólěpšyś. Jolic nastawk waš problem njerozwězujo a cośo pšašanje stajiś, wobrośćo se na našo zgromoźeństwo pomocy, kótarež na to caka, wam na @FirefoxSupport na Twitter a /r/firefox na Reddit pomagaś.

Avatar for Username

Pomoc pśepytaś

Glědajśo se wobšudy pomocy. Njenapominajomy was nigda, telefonowy numer zawołaś, SMS pósłaś abo wósobinske informacije pśeraźiś. Pšosym dajśo suspektnu aktiwitu z pomocu nastajenja „Znjewužywanje k wěsći daś“ k wěsći.

Dalšne informacije

Toś ta nitka jo se archiwěrowała. Pšosym stajśo nowe pšašanje, joli trjebaśo pomoc.

Thunderbird Supernova next message after delete (security risk)

  • 2 wótegronje
  • 0 ma toś ten problem
  • 1 naglěd
  • Slědne wótegrono wót ywn456

ywn456
ywn456
more options

I recently upgraded Thunderbird to 115.3.1, and a horrible change took place. I browse messages in split view, rightclick-delete unwanted messages from the message list on top. The new version - unlike the pre-115 - automatically selects (and opens in bottom pane) the next message closest to the deleted one. Needless to say this is a huge security flaw. I never want to auto-select or auto-open an unknown message.

I am aware of the advanced "mail.delete_matches_sort_order" and the "close message window/tab on move or delete" switches, neither does anything useful anymore. I have an old, safe message at the top of my message list (sorted on oldest first), selected and opened while browsing the list, and in the previous version, even in the worst case it always kept viewing this safe message. But now it always switches selection to a neighbor (DOWN in the list) of the deleted message - but a neighbour of an unsafe message is usually another unsafe message regardless of sort type.

The only temporary workaround I see atm is leftclick-drag messages to trash, but this is also unsafe because of occassional doubleclick. Thunderbird cannot be used safely atm? Should this horrible change be filed as a bug report somewhere? Please help.

I recently upgraded Thunderbird to 115.3.1, and a horrible change took place. I browse messages in split view, rightclick-delete unwanted messages from the message list on top. The new version - unlike the pre-115 - automatically selects (and opens in bottom pane) the next message closest to the deleted one. Needless to say this is a huge security flaw. I never want to auto-select or auto-open an unknown message. I am aware of the advanced "mail.delete_matches_sort_order" and the "close message window/tab on move or delete" switches, neither does anything useful anymore. I have an old, safe message at the top of my message list (sorted on oldest first), selected and opened while browsing the list, and in the previous version, even in the worst case it always kept viewing this safe message. But now it always switches selection to a neighbor (DOWN in the list) of the deleted message - but a neighbour of an unsafe message is usually another unsafe message regardless of sort type. The only temporary workaround I see atm is leftclick-drag messages to trash, but this is also unsafe because of occassional doubleclick. Thunderbird cannot be used safely atm? Should this horrible change be filed as a bug report somewhere? Please help.

Wšykne wótegrona (2)

Matt
Matt
  • Moderator
  • Top 10 Contributor
more options

Just curious, what is the security issue with auto opening a message? To be clear you can not get some virus by opening a message, nor will any scripts contained in the message run. So what is the security risk to which you refer? BTW I am a refugee from Microsoft mail clients where the mantra about opening mails is very valid because you can have all sorts of nasty things happen from opening an email. None of which applies to Thunderbird, except as old wives tales.

ywn456
ywn456 Pšašaŕ
more options

If you look at changelogs (even thunderbird changelogs from less than a month ago), critical issues are fixed regularly, which would allow remote code execution just by displaying a single image or things like that. Remeber the nix vulnerability from a few years ago, where the os would straight execute shell commands it received in http requests's cookies or headers. There is no telling what will be in tomorrow's changelog.

Rightclick-deleting unsafe mails without selecting or opening them is probably the most important function of a mail client. Why take a risk without any potential gain?

Wót ywn456 změnjony