FlowCrypt tries to decrypt non-encrypted email with ambigous noname file

[martgil]

This is pretty much exactly described in the https://github.com/FlowCrypt/flowcrypt-browser/issues/5422 except that the actual mime type of the "noname" file is a TNEF file utilizes by a Microsoft product - https://en.wikipedia.org/wiki/Transport_Neutral_Encapsulation_Format.

Sample email from user:

https://mail.google.com/mail/u/flowcrypt.compatibility@gmail.com/#search/irontite/FMfcgzGxRxJCbKdKWcxPbqKDMFKdTkTk

[martgil]

Hi @sosnovsky I investigate this issue and it seems like there are so much going on with an "noname" attachment. I checked the attachment and it has 'multipart/mixed' but there doesn't seem data to parse it.

I'm not even sure if a "noname" multipart/mixed attachment needs to be parsed... since it is quite broad... also, its not even correct to assume that its an encryptedMsg so its something we need to improve. What do you think?

[sosnovsky]

Yeah, this incorrect detection happens at https://github.com/FlowCrypt/flowcrypt-browser/blob/39a2fc198aaf1a05a081c48818c88d0011448b27/extension/js/common/core/attachment.ts#L211, as we just check if type !== 'application/octet-stream', so other types will be automatically detected as encryptedMsg. Need to add some additional check for better detection