Is there a way to enable Remote Content in messages that are from People from my Address book?
I have a feeling that I've seen the option somewhere long ago.
Nowadays I found no other option than manually put every email to exception list. (I don't want to globally enable remote content)
Is there a way? Or maybe AddOn?
Thanks, Jiri.
தீர்வு தேர்ந்தெடுக்கப்பட்டது
Interestingly you would assume that those in your address book are more secure. truthfully this is not the case.
We has a remote policy that relied on sender address and actually dumped it in favor of the current arrangement that relies on t6he image source.
Two things to keep in mind, one is that most scam emails come from a known contact, that is what makes them so effective from a social engineering perspective. So the sender, or reported sender, does not make the email more likely to be secure.
The second issue is it is the source of the images that is likely to be an issue not the sender.
Images from say Facebook will be largely innocuous. Facebook has a policy that makes it rather difficult for unsavory images to be there. However images from raunchysex.xxx are more than likely to make most peoples radar ping over content they really do not want in lurid colour on opening a mail with the grand kids in tow.
In both those sites cases, the email could come from me, but your personal desires would be different with regards to the content.
So the short of it is, counter to our normal assumptions. Those in our address book are not safer and the source of the images is far more relevant than the sender.
So if you want to trust all your address book, the risks are basically the same to turn on all remote images.
Having said that there is still an option to trust an individual address. Particularly helpful if you get a daily mail from ebay and want the images or regular family snaps
Read this answer in context 👍 0All Replies (5)
Remote content is disabled for an exceptionally good reason.
You cannot assume that your friends email address, which is stored in your address books is actually being sent by them. Even if the email was sent by them, you may not know where they got the remote content from or what it could contain. So, please continue to be very wary of all remote content, no matter who allegedly sends the email.
just in case you are not fully understanding why it is disabled by default:
- https://support.mozilla.org/en-US/kb/remote-content-in-messages
- http://kb.mozillazine.org/Privacy_basics_%28Thunderbird%29
The quickest method of adding a particular email address. click on 'Options' and select 'Allow remote content for email address'
Hi Tod, and thank you for the explanation. I do see your point. I agree that remote content should be disabled by default. But my point is:
If there IS an option in Thunderbird to globally enable the remote content in all messages (which we both agree is not wise), why there IS NOT an option to enable remote content for people from my contact book, which is way WAY more secure than global option?
It is great that Mozilla programmers take care of my security. I, however, want to take a risk. But if there is no way to do that, the Thunderbird limits my freedom of choice.
தீர்வு தேர்ந்தெடுக்கப்பட்டது
Interestingly you would assume that those in your address book are more secure. truthfully this is not the case.
We has a remote policy that relied on sender address and actually dumped it in favor of the current arrangement that relies on t6he image source.
Two things to keep in mind, one is that most scam emails come from a known contact, that is what makes them so effective from a social engineering perspective. So the sender, or reported sender, does not make the email more likely to be secure.
The second issue is it is the source of the images that is likely to be an issue not the sender.
Images from say Facebook will be largely innocuous. Facebook has a policy that makes it rather difficult for unsavory images to be there. However images from raunchysex.xxx are more than likely to make most peoples radar ping over content they really do not want in lurid colour on opening a mail with the grand kids in tow.
In both those sites cases, the email could come from me, but your personal desires would be different with regards to the content.
So the short of it is, counter to our normal assumptions. Those in our address book are not safer and the source of the images is far more relevant than the sender.
So if you want to trust all your address book, the risks are basically the same to turn on all remote images.
Having said that there is still an option to trust an individual address. Particularly helpful if you get a daily mail from ebay and want the images or regular family snaps
All right, I was wrong. What I understood:
There is no way to enable remote content for emails send by people from my contact book. There is no menu option, nor hidden option, nor system config option, nor AddOn. The reasons were explained. Correct?
It would be nice to have at least direct button to Show remote content in a single-click action, rather than Options > Show remote content.
Cheers, Kosi
It used to be a one click Show remote content action, but was changed to the current method. There used to be an option in the actual contact properties form where you could select to allow remote content for that person. now removed.
All done to improve privacy, security risks by default.
A bug was created asking for the return of the 'one click', but it doesn't sound like it is going to happen.
another bug was created asking for the 'button' to be modified as buttons are not the usual/generic method used to denote a drop down list - there was also the mention of a separate 'one click' button, to just allow for that message.
There is no specific way of saying 'allow if in my address books'. There is little point anyway, as explained by Matt.
The current method is a two click solution to put a specific email address into the exceptions. So yes, you can put specified email addresses of your contacts into exceptions to allow displaying of remote content. It is a bit more effort - a second click - but it makes you think about what you are doing and the risks you are taking. As a point to mention: I have received three emails today that are allegedly from people in my address book, but they were not - some nefarious idiot had abused their email address and sent out a load of rubbish. These good and genuine email addresses are in my address book and so, due to my settings, did not get checked by Junk Controls. Those emails had remote content, which seemed unusual for a standard email from a friend. This just edifies my decision to not allow friends/family email addresses to show remote content. So, you can set it to allow, but you cannot rely on the email address being from an honest source. btw - you cannot assume your anti-virus will sort this out.