warns suspicious message only on differing domain (#2343)

For example, the following is *not* suspicious: ``` From: foo@example.org Reply-To: bar@example.org ``` While the following remains suspicious: ``` From: foo@example.org Reply-To: foo@example.com ``` This commit fixes #2342.
2025-01-01 13:14:16 +08:00 · 2016-05-31 20:08:18 +01:00 · 2016-05-31 20:08:18 +01:00 · 3b42b2d03b
commit 3b42b2d03b
parent 0cf8ccc0c2
1 changed files with 5 additions and 3 deletions
--- a/internal_packages/phishing-detection/lib/main.jsx
+++ b/internal_packages/phishing-detection/lib/main.jsx
@ -48,9 +48,11 @@ class PhishingIndicator extends React.Component {
    // phishing attempt boils down to checking the `replyTo` attributes on
    // `Message` models from `MessageStore`.
    if (message && message.replyTo && message.replyTo.length !== 0) {
-      const from = message.from[0].email;
-      const replyTo = message.replyTo[0].email;
-      if (replyTo !== from) {
+      const from = message.from[0].email
+      const fromDomain = from.split('@')[1];
+      const replyTo = message.replyTo[0].email
+      const replyToDomain = replyTo.split('@')[1];
+      if (replyToDomain !== fromDomain) {
        return (
          <div className="phishingIndicator">
            <b>This message looks suspicious!</b>