Monitors emails for recently registered domain names (more likely to indicate phishing attempts)
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.


This is a plugin for the Thunderbird email client. It leverages a caching whois server (see the whois-caching-proxy repo) to check the age of the senders domain as well as the reply-to domain if any is configured in the email message.

When a suspicious domain is detected a notification bar item is placed on the message indicating that a domain is 'suspicious'.

This is Alpha quality / proof of concept

How do I use this?

  • First, run an instance of the whois-caching-proxy (sibling repo to this one)
  • Next, package this plugin as an XPI and install it in Thunderbird