Do you have View/Display Attachments Inline checked? If an image is attached, it's not remote content, and if inline viewing is enabled, it doesn't matter if you view plain text or html.

I do NOT have 'View/Display Attachments Inline' checked. This morning was the first time I have observed this behavior and Thunderbird installed an update on the 20th. installing 52.1.1

The Display Attachments Inline function works here, so my first suggestion is that you run TB in safe mode and see if the attached pictures are still displayed. Help/Restart with Add-ons Disabled.

I'll try that, but I don't have many extensions running.

Safe mode made no difference.

Just to be precise, this is an image that is strictly 'attached' to the message, and not also embedded in the message body. Either way, I don't think your settings should allow it to be visible automatically, but since it is a spam message, it's possible the sender has gone to some lengths to circumvent the usual blocking mechanisms.

That may be true. This is the first time I have seen someone succeed in getting a picture past the settings I have.

Here is part of the message ... [quote]

.....
-microsoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:off=
ice:word" xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml"=
 xmlns=3D"http://www.w3.org/TR/REC-html40"><head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dutf-=
8"><meta name=3D"Generator" content=3D"Microsoft Word 15 (filtered med=
ium)"><style></style></head><body lang=3D"EN-US" link=3D"blue" vlink=3D"#954F72"=
>
<a href=3D"http://=
connect.uhdshots.com"></a>
<o:p> </o:p>
<p class=3DMsoNormal>Hey friend, <o=
:p></o:p>
<o:p>&nbsp=
;</o:p>
That is just=
 a quick note to say thank you, you may  find my  whole message here <=
a href=3D"http://connect.uhdshots.com">continue reading</a><o:p></o:p>=
<o:p> </o:p></=
span>
<p class=3DMsoNormal>Later, xa72538<o:p></=
o:p>
<p class=3D"MsoNormal"><o:p> </o:p>
<d=
iv style=3D"border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0=
cm 0cm 0cm"><p class=3D"MsoNormal">From: cuwhj=
fidmxpl mailto:-------------------------- 
Sent: Monday, M=
ay 22, 2017 2:08 PM
To: xa72538@yahoo.co.jp
Subject:</=
b> good eyes<o:p></o:p>
<p class=3D"MsoNormal"><=
o:p> </o:p>
<p class=3D"MsoNormal"><p class=3Dmsonormal1>It really depends on the game. If i'm playing Bioshock I=
nfinite or Borderlands:  The Pre-Sequel,  i can't really play at 22 fp=
s, because the action is moving too fast. But if i'm playing Industry =
Empire (which is surprisingly  fun)  or Tropico 5...i  don't  mind a s=
lower framerate  for better graphics, because i'm not in a hurry in  t=
he first  place. So  yeah. I mean, ideally you want 60+, but  20+ is  =
okay in some instances.<o:p></o:p>
<o:p></o:p>
<p class=3D=
"MsoNormal"><o:p> </o:p>
<p class=3D"MsoNormal">Sent from Mail=
 for Windows 10
<p class=3D"MsoNormal"><o:p> </o:p>
<=
/body></html>

--_FCA6B9D4-4A01-4D3E-B984-5F75FE2A40A4_--

--_1F1D0E36-D4E2-48F0-8D81-621595BF6DD8_
Content-Type: image/jpeg; name="BE9DF8FF2F9AACF85BF91BCF08470FE2.jpg"
Content-ID: <image053@C183F4FF.756E6BD7>
Content-Transfer-Encoding: base64
Content-Disposition: inline; filename="BE9DF8FF2F9AACF85BF91BCF08470FE2.jpg"
.....

I have hacked your message to make the source readable. Matt

having only the partial source, all I can tell you is that is looks like a copy and paste from word.

My question is the message sent only as HTML. Is there a text secion in it as a multi part mime message or is is missing.

I have no idea what Thunderbird does when there is no text part in this instance. Perhaps what is being observed.

Thunderbird should not be displaying pictures when it is operating in the 'text only' mode, no matter how those pictures are encoded into the message stream.

I don't believe that, prior to the latest update, it would display those pictures. It certainly shouldn't. However, since I seldom open spam in any mode but ctrl-u mode, I must admit that I would not normally have seen the pictures if I hadn't accidentally opened it.

I believe that the latest update has made thunderbird more vulnerable to malware and phishes. That is the reason I took the time and made the effort to make my report.

I still hope that someone at Mozilla actually checks 'mozilla support'.

bz_tb1 said

Thunderbird should not be displaying pictures when it is operating in the 'text only' mode, no matter how those pictures are encoded into the message stream.

I dispute that. Attached images should be displayed if the option to display attachments inline is selected regardless of the message being text or HTML.

well that is unhelpful. what is the whole source. You are making pronouncement based on guesses and speculation

. I don't believe that, prior to the latest update, it would display those pictures. It certainly shouldn't. However, since I seldom open spam in any mode but ctrl-u mode, I must admit that I would not normally have seen the pictures if I hadn't accidentally opened it.

You are the one with the example message that demonstrates what you say is wrong. perhaps a better approach would be to share it so we can workout what is really happening.

I believe that the latest update has made thunderbird more vulnerable to malware and phishes. That is the reason I took the time and made the effort to make my report.

You have made a support request, but filed a bug report. Nor have you actually done more than made an observation.

If I were to file a bug report... what do I tell the developers? someone say they think there is a bug. They will want steps to reproduce. an email that demonstrates the issue. it is also expected that when filing a bug you know what component is at fault. We have established none of that. We have not even extablished if the wrong thing is happening.

I still hope that someone at Mozilla actually checks 'mozilla support'.

You must be dreaming then.That statement contains two falacies. One that mozilla is involved in the coding and release of Thunderbird. The second that a support forum is a bug reporting mechanism.

bz_tb1 said

Thunderbird should not be displaying pictures when it is operating in the 'text only' mode, no matter how those pictures are encoded into the message stream. .... I still hope that someone at Mozilla actually checks 'mozilla support'.

With the options I had and have selected, that was and is a true statement. Also "Text only" does NOT say "Text and pictures", It says "Text only", so absent another option checked saying "Allow display of pictures encoded into the text stream", there should be no display of pictures.

Matt said

bz_tb1 said

Thunderbird should not be displaying pictures when it is operating in the 'text only' mode, no matter how those pictures are encoded into the message stream.

I dispute that. Attached images should be displayed if the option to display attachments inline is selected regardless of the message being text or HTML.

I showed that that option was NOT selected! Look at the screen capture I made of the options I had selected.

Matt said

well that is unhelpful. what is the whole source. You are making pronouncement based on guesses and speculation

The partial source I provided contains ALL relevant code. It just lacks the message header and the attached pictures. The only portion of the encoded message removed was the target e-mail address. I offered to provide more information upon request, but I see no reason to paste the whole message HERE. Matt said

. I don't believe that, prior to the latest update, it would display those pictures. It certainly shouldn't. However, since I seldom open spam in any mode but ctrl-u mode, I must admit that I would not normally have seen the pictures if I hadn't accidentally opened it.

You are the one with the example message that demonstrates what you say is wrong. perhaps a better approach would be to share it so we can workout what is really happening.

I DID share it. Matt said

I believe that the latest update has made thunderbird more vulnerable to malware and phishes. That is the reason I took the time and made the effort to make my report.

You have made a support request, but filed a bug report. Nor have you actually done more than made an observation.

If I were to file a bug report... what do I tell the developers? someone say they think there is a bug. They will want steps to reproduce. an email that demonstrates the issue. it is also expected that when filing a bug you know what component is at fault. We have established none of that. We have not even extablished if the wrong thing is happening.

I looked for a place to file a bug report. This was the place the program led me. If there is a more appropriate place to send the report, you could be helpful and provide the information. The Thunderbird program should provide it. Matt said

I still hope that someone at Mozilla actually checks 'mozilla support'.

You must be dreaming then.That statement contains two falacies. One that mozilla is involved in the coding and release of Thunderbird. The second that a support forum is a bug reporting mechanism.

The 'Help' tab of the Thunderbird program has a link to this site on the 'Troubleshooting Information' tab.

The 'About Mozilla Thunderbird' link says "Thunderbird is designed by Mozilla, a global community working together to keep the web open, public and accessible to all."

YOU, I assume, are attempting, in your own way, to help with that task.

I am still hoping for some specific useful suggestions and help getting my information to someone who can do something useful.

Please file a bug on https://bugzil.la and add the complete email message there as attachment. This way other people can try to see if they can reproduce your issue. Maybe it's a but, bur in order to triage it, we need all the information about your settings, the steps to reproduce and the example message.