Дополнения
Добро пожаловать в дополнения Thunderbird.
Добавляйте дополнительные функции и стили, чтобы настроить Thunderbird по своему вкусу.
Закрыть
Mail Auth Info Viewer 1.1.6
автор Shota
Visualize email authentication (SPF, DKIM, DMARC), sender identity, delivery routes, and phishing link analysis with a four-tier severity model. Local-only processing. Fights display name spoofing and phishing.
Об этом дополнении
Mail Auth Info Viewer is a Thunderbird add-on designed to combat sophisticated phishing and "display name" spoofing. It analyzes message headers and body content locally, presenting a clear, color-coded dashboard showing sender alignment, authentication results (SPF, DKIM, DMARC), phishing link detection, and delivery routes with time delays directly on the message view.
Key features
Privacy
Source code: https://github.com/showtimesh/mail-auth-info-viewer
Key features
- Shadow DOM CSS isolation: The dashboard is encapsulated in a closed Shadow DOM, completely preventing HTML email CSS (e.g.
* { font-size: 20px !important; }) from contaminating the add-on display. - Always-collapsed panel: The dashboard always starts collapsed, keeping the status badge and verdict reason tags visible at a glance without consuming screen space. Click to expand for full details.
- Sender identity and alignment: Instantly spot discrepancies between the Display Name, Header From, and Envelope From addresses side-by-side.
- Display name spoofing detection: Detects when the display name contains an email address from a different domain than the actual sender — a common phishing trick.
- Domain verification badge: Prominently displays the actual authenticated domain (e.g. AUTH PASS example.com) to prevent false trust in fake display names.
- Verdict reason tags: Shows exactly why the badge is not green (e.g. DMARC policy is p=none, Phishing indicator detected, Untrusted link domain) so administrators know what to fix or trust.
- Four-tier link safety analysis: critical (deceptive link text, dangerous URI schemes like
javascript:/data:, embedded HTML forms — promoted to a phishing badge); suspicious (IP-address links, IDN homograph attacks, URL shorteners); untrusted (external domain unknown to the extension, resolvable by trusting the domain); privacy (tracking pixels — informational only). - Link domain overview: Lists all unique link domains in the body, color-coded by alignment with the sender's organizational domain, with inline tracker markers.
- Reply-To mismatch detection: Warns when Reply-To belongs to a different domain than the sender.
- Trusted link domains with inline shortcut: When an untrusted link indicator involves a single external domain, a Trust button appears directly on the finding row for one-click whitelisting. Manage trusted domains from the add-on settings page with text-based import / export.
- Authentication status with DMARC policy display: SPF, DKIM, DMARC pass / fail at a glance, with the DMARC policy color-coded for administrators.
- DMARC alignment indicators (RFC 7489): SPF and DKIM alignment status shown within each authentication card. Alignment is evaluated only for signatures that actually passed authentication.
- Individual DKIM signatures: When multiple DKIM signatures exist, each is shown with its status, signing domain, and DKIM selector (
s=), with deduplication across headers. - RFC 8601 comment-aware parsing: The Authentication-Results parser correctly handles comments containing semicolons, such as the common DKIM key-info comment
(2048-bit key; unprotected)emitted by some MTAs. - ARC chain visualization (RFC 8617): Displays the Authenticated Received Chain with verification status, signing domain, and authentication summary for each forwarding hop.
- Delivery route visualization: Shows the path from sender to inbox with calculated time delays between hops, Envelope-To recipient, and IP type indicators (internal / external with IP tooltips).
- Received-SPF fallback: When Authentication-Results lacks SPF data, falls back to Received-SPF for compatibility with older mail servers.
- Trusted authentication filtering (authserv-id): Filters Authentication-Results headers to trust only those from the receiving mail server, preventing forgery from upstream injected headers.
- Organizational domain comparison (RFC 7489): Uses a curated Public Suffix List covering more than 60 countries for accurate domain alignment.
- Mailing list detection: Indicates via Mailing List when
List-IdorList-Unsubscribeheaders are present, explaining domain mismatches from list forwarding. - Dark mode: Full dark mode support that follows your system preference.
- 12 languages: English, Japanese, French, German, Spanish, Italian, Korean, Traditional Chinese, Simplified Chinese, Brazilian Portuguese, Russian, Arabic.
Privacy
- All analysis is performed locally on your machine. No data is sent to any external server.
- The trusted domain list is stored only in local Thunderbird storage.
Source code: https://github.com/showtimesh/mail-auth-info-viewer
