Every time my Seattle Times Newsletter appears in my inbox it gets
flagged as a possible scam by Thunderbird v.2.0.0.14 (20080421). I've
added it to my contacts list and have given it permission to display
images, but the problem still persists. I have a half dozen or so
newsletters from various sources and this is the only one that gets
flagged. Aside from turning the feature off, does anyone have some
other ideas on how I can get my newsletter the respectability it
deserves?

LuDean Marvin keyboarded, On 7/22/2008 6:30 AM :
> Every time my Seattle Times Newsletter appears in my inbox it gets
> flagged as a possible scam by Thunderbird v.2.0.0.14 (20080421). I've
> added it to my contacts list and have given it permission to display
> images, but the problem still persists. I have a half dozen or so
> newsletters from various sources and this is the only one that gets
> flagged. Aside from turning the feature off, does anyone have some
> other ideas on how I can get my newsletter the respectability it
> deserves?

Those actions have nothing to do with how the Scam code works. It deals
with mismatches between the From Header and the source server. Most
Users end up turning the feature off for the reasons your seeing. It is
not robust enough code to not through false positives for trusted senders.

--
Ron K.
Who is General Failure, and why is he searching my HDD?
Kernel Restore reported Major Error used BSOD to msg the enemy!

LuDean Marvin wrote:
> Every time my Seattle Times Newsletter appears in my inbox it gets
> flagged as a possible scam by Thunderbird v.2.0.0.14 (20080421). I've
> added it to my contacts list and have given it permission to display
> images, but the problem still persists. I have a half dozen or so
> newsletters from various sources and this is the only one that gets
> flagged. Aside from turning the feature off, does anyone have some
> other ideas on how I can get my newsletter the respectability it deserves?



The SCAM feature is another simple thing


Everytime a message is opened (Yes Virginia, every time) the message is
scanned for two things

One is for numeric IPs instead of 'language' ones
i.e. 12.123.123.12 instead of www.spamalot.noorg
Two is for differences between the text and the source
I.e. text says www.banksecurity.com but source points to
www.china.banksecurity.com


The SCAM feature cannot be trained, it doesn't learn (the spam or junk
mail feature can do both).


When you mark a specific message as NOT A SCAM, then a header is added
to that specific messsage (not to duplicates or others that are the
same) so the scan is supressed when the message is opened again.

Problem is, while the two things it scans for are used by phishing
messages, they are also used by legitimate newsletters as well, and
evidently, the Seattle Times Newsletter is one of them.


The only control you have over the SCAM feature is to turn it off. Thats it.
Many people turn it off.


[Tools-->Options]*-->Privacy [Email Scams]

Uncheck
[] Tell me if the email message I'm reading is a suspected email scam


*varies by OS
Linux
[Edit-->Preferences]
Mac
[Thunderbird-->Preferences]
Windows as above

Tjamks ron andMoz Champion (Dan) wrote:
> LuDean Marvin wrote:
>> Every time my Seattle Times Newsletter appears in my inbox it gets
>> flagged as a possible scam by Thunderbird v.2.0.0.14 (20080421). I've
>> added it to my contacts list and have given it permission to display
>> images, but the problem still persists. I have a half dozen or so
>> newsletters from various sources and this is the only one that gets
>> flagged. Aside from turning the feature off, does anyone have some
>> other ideas on how I can get my newsletter the respectability it
>> deserves?
>
>
>
> The SCAM feature is another simple thing
>
>
> Everytime a message is opened (Yes Virginia, every time) the message is
> scanned for two things
>
> One is for numeric IPs instead of 'language' ones
> i.e. 12.123.123.12 instead of www.spamalot.noorg
> Two is for differences between the text and the source
> I.e. text says www.banksecurity.com but source points to
> www.china.banksecurity.com
>
>
> The SCAM feature cannot be trained, it doesn't learn (the spam or junk
> mail feature can do both).
>
>
> When you mark a specific message as NOT A SCAM, then a header is added
> to that specific messsage (not to duplicates or others that are the
> same) so the scan is supressed when the message is opened again.
>
> Problem is, while the two things it scans for are used by phishing
> messages, they are also used by legitimate newsletters as well, and
> evidently, the Seattle Times Newsletter is one of them.
>
>
> The only control you have over the SCAM feature is to turn it off. Thats
> it.
> Many people turn it off.

Thjanks Ron & Moz for your prompt responses. It wasn't what I had
hoped to here, but I now know that turning it off is the best
solution. Thanks again,..

Sincerely,

LuDean

>
> [Tools-->Options]*-->Privacy [Email Scams]
>
> Uncheck
> [] Tell me if the email message I'm reading is a suspected email scam
>
>
> *varies by OS
> Linux
> [Edit-->Preferences]
> Mac
> [Thunderbird-->Preferences]
> Windows as above

Moz Champion (Dan) wrote:
> LuDean Marvin wrote:
>> Every time my Seattle Times Newsletter appears in my inbox it gets
>> flagged as a possible scam by Thunderbird v.2.0.0.14 (20080421). I've
>> added it to my contacts list and have given it permission to display
>> images, but the problem still persists. I have a half dozen or so
>> newsletters from various sources and this is the only one that gets
>> flagged. Aside from turning the feature off, does anyone have some
>> other ideas on how I can get my newsletter the respectability it
>> deserves?
>
>
>
> The SCAM feature is another simple thing
>
>
> Everytime a message is opened (Yes Virginia, every time) the message is
> scanned for two things
>
> One is for numeric IPs instead of 'language' ones
> i.e. 12.123.123.12 instead of www.spamalot.noorg
> Two is for differences between the text and the source
> I.e. text says www.banksecurity.com but source points to
> www.china.banksecurity.com
>
>
> The SCAM feature cannot be trained, it doesn't learn (the spam or junk
> mail feature can do both).
>
>
> When you mark a specific message as NOT A SCAM, then a header is added
> to that specific messsage (not to duplicates or others that are the
> same) so the scan is supressed when the message is opened again.
>
> Problem is, while the two things it scans for are used by phishing
> messages, they are also used by legitimate newsletters as well, and
> evidently, the Seattle Times Newsletter is one of them.
>
>
> The only control you have over the SCAM feature is to turn it off. Thats
> it.
> Many people turn it off.
>
>
> [Tools-->Options]*-->Privacy [Email Scams]
>
> Uncheck
> [] Tell me if the email message I'm reading is a suspected email scam
>
>
> *varies by OS
> Linux
> [Edit-->Preferences]
> Mac
> [Thunderbird-->Preferences]
> Windows as above
Since the solutions always seems to be "turn it off", why the heck is it
part of the product?


--
The Frosted Flake
+------------------------ SPAM is for eating ------------------------+

Frosted_Flake wrote:
> Moz Champion (Dan) wrote:
>> LuDean Marvin wrote:
>>> Every time my Seattle Times Newsletter appears in my inbox it gets
>>> flagged as a possible scam by Thunderbird v.2.0.0.14 (20080421).
>>> I've added it to my contacts list and have given it permission to
>>> display images, but the problem still persists. I have a half dozen
>>> or so newsletters from various sources and this is the only one that
>>> gets flagged. Aside from turning the feature off, does anyone have
>>> some other ideas on how I can get my newsletter the respectability it
>>> deserves?
>>
>>
>>
>> The SCAM feature is another simple thing
>>
>>
>> Everytime a message is opened (Yes Virginia, every time) the message
>> is scanned for two things
>>
>> One is for numeric IPs instead of 'language' ones
>> i.e. 12.123.123.12 instead of www.spamalot.noorg
>> Two is for differences between the text and the source
>> I.e. text says www.banksecurity.com but source points to
>> www.china.banksecurity.com
>>
>>
>> The SCAM feature cannot be trained, it doesn't learn (the spam or
>> junk mail feature can do both).
>>
>>
>> When you mark a specific message as NOT A SCAM, then a header is added
>> to that specific messsage (not to duplicates or others that are the
>> same) so the scan is supressed when the message is opened again.
>>
>> Problem is, while the two things it scans for are used by phishing
>> messages, they are also used by legitimate newsletters as well, and
>> evidently, the Seattle Times Newsletter is one of them.
>>
>>
>> The only control you have over the SCAM feature is to turn it off.
>> Thats it.
>> Many people turn it off.
>>
>>
>> [Tools-->Options]*-->Privacy [Email Scams]
>>
>> Uncheck
>> [] Tell me if the email message I'm reading is a suspected email scam
>>
>>
>> *varies by OS
>> Linux
>> [Edit-->Preferences]
>> Mac
>> [Thunderbird-->Preferences]
>> Windows as above
> Since the solutions always seems to be "turn it off", why the heck is it
> part of the product?
>
>


For the same reason pop-up blocking or tabs or favicons or many other
features are there. It provides the user with a means of 'customizing'
the product. It provides a starting point

The two things it looks for are essentially hallmarks of phishing emails
so it does provide some benefit for new users, it simply isn't 100%
accurate because some legitimate newsletters use the same 'tricks' as well.

Put it this way. If you didn't have a legitimate newsletter that it
caught, then it would be rather good protection (tho not 100% of
course). Essentially, it could catch upwards of 35% or so of the
phishing emails sent your way, and if you didn't have the false
positive, then why fix what ain't broke?

It does catch a fair percentage of phishing emails (estimates vary
between 35 and 60 percent), so it's better than nothing.

If a developer could work it out, it could even be upgraded to a
'learning' system (sort of like Junk Mail Controls) but no-one seems to
have a handy dandy algorythym for that yet.