Dear Mozilla-Team, the past has shown that not all users are always aware of the risk by attachments. A significant attack vector are wrong labeled attachments (file extension wrong). You can still rename a virus.exe to readme.pdf and it is shown as PDF-Symbol in Thunderbird. ( yes you could find some addons, but most of thunderbird users do not have them - it needs to be buildin ) It would be easy to check for the magic-number (first 4 bytes) if it is matching the extension, at least for the top ten dangerous file types (e.g. EXE, PDF, ZIP, COM, BAT, CMD, MSI, etc) plus the most often used ones (e.g. JPG, MP3, etc). I dont suggest to implement the full linux "file" database, but to recognize the most important kinds. Any time the extension is misleading, it should be blocked or warning-fenced. Of course this sould be possible to disable in settings, but I cannot imagine a case where someone would be unhappy about this hint. Especially belong to the 99.99% of users that do not like virus-infections or ransomware on their computer. A tool that is intended to be used by everyone should concider everyone using it (and prevent dangerous "presents"). Sometimes its only a wrong click by someone being in a hurry...
Thanks for reading.
... View more