This Thunderbird extension warnst against potential malicious attachments like docm and xlsm files. A set of highly risky attachments are blocked (cmd, exe etc.). See corresponding section in this document for an overview of file extensions.
There is a lot of space for improvements. Feel free to contribute and send pull requests.
Special thanks to Sarah (astriia) for creating the logo!
This extension can be downloaded directly from the Thunderbird add-on repository: https://addons.thunderbird.net/de/thunderbird/addon/warnattachment/
The Thunderbird API is constantly changing and this extension has to be adapted accordingly. Currently, two branches exist:
- Major version number starting with 0, i.e. 0.12 is for Thunderbird 60.x and below.
- Major version number starting with 1, i.e. 1.1 is for Thunderbird 68.x and above.
I try my best to test all possible combinations. If you find any problems, feel free to open an issue or drop me a line.
A warning message is shown for the following file extensions:
- DOC
- DOCM
- PPT
- PPTM
- XLS
- XLSM
- PPS
- PPSM
- ZIP
- RAR
- 7z
- HTM
- HTML
These files may contain macro viruses which are nowadays commonly used for encryption malware. The user is asked if s/he is really willing to open the file and if it is from a trustworthy source.
The following extensions are blocked completely. The user is not able to open these files (besides deactivating the plugin). The source of these file types is this google mail support page:
- ADE
- ADP
- BAT
- CHM
- CMD
- COM
- CPL
- EXE
- HTA
- INS
- ISP
- JAR
- JS
- JSE
- LIB
- LNK
- MDE
- MSC
- MSI
- MSP
- MST
- NSH
- PIF
- SCR
- SCT
- SHB
- SYS
- VB
- VBE
- VBS
- VXD
- WSC
- WSF
- WSH
- INETLOC
- IMG
- ISO
- DIAGCAB
The user can not open attachments with these extensions.
Thunderbird offers a nice tutorial on MailExtensions: developer.thunderbird.net
This Thunderbird extension warnst against potential malicious attachments like docm and xlsm files. A set of highly risky attachments are blocked (cmd, exe etc.). See corresponding section in this document for an overview of file extensions.
There is a lot of space for improvements. Feel free to contribute and send pull requests.
Special thanks to Sarah (astriia) for creating the logo!
This extension can be downloaded directly from the Thunderbird add-on repository: https://addons.thunderbird.net/de/thunderbird/addon/warnattachment/
The Thunderbird API is constantly changing and this extension has to be adapted accordingly. Currently, several branches exist:
- Major version number starting with 0, i.e. 0.12 is for Thunderbird 60.x and below.
- Major version number starting with 1, i.e. 1.1 is for Thunderbird 68.x and above.
- Major version number starting with 2: is for Thunderbird 71.x and above and based on WebExtension / MailExtension. This one is the master
I try my best to test all possible combinations. If you find any problems, feel free to open an issue or drop me a line.
Thunderbird offers a nice tutorial on MailExtensions: developer.thunderbird.net
To build the .xpi extension file, simply run make in the root directory of
this repository.
For convenience, the binaries are provided in the bin directory.
WarnAttachment is tested using several versions of Thunderbird on a Linux (Debian-based) system. Currently (November 2019), the following Thunderbird versions are tested (subject to change):
- Thunderbird 38 (German)
- Thunderbird 52 (German)
- Thunderbird 60 (German, US-English, French)
- Thunderbird 68 (German, US-English, French, Italian)
- Thunderbird 78 (German, US-English, Spanish, Polish)
- Thunderbird 89b (US-English)
- Thunderbird 91 (German)
- Thunderbird 102 (German)
- Thunderbird 115 (beta, US-English)
- Thunderbird 126 (beta, US-English)
For changes, check the CHANGELOG.md file in the current directory
- Attachment decoded from an TNEF (Outlook / winmail.dat) attachment can not be checked.
- The configuration dialog should be extended
- Prevent saving files and not just opening
- Migrate to native message API
- Thanks to Sarah (astriia) for creating the logo.
- Thanks to Nicolas (@nilaudat) for contributing the French translation.
- Thanks to Massimiliano (@m-ferrero) for contributing the Italian translation.
- Thanks to Mariusz (MX_EH) for contributing the Polish translation.
- Thanks to Nacho for contributing the Spanish translation
- Thanks to arai-a for the global services fix
Jens Dede warnattachment@jdede.de, 2023
This code is licensed under the GPLv3