Committed to HEAD.  Some cleanups implemented.  Use a MIME_Contents 
object to display the status message.  We are not currently using the 
fourth parameter to formatStatusMsg (the class parameter) since there 
is no current style that renders the status message satisfactorily at 
this time.  I leave this to those who a) know CSS better than I and b) 
have some sort of design talent.  Further development should be done 
via the dev@ list rather than the bug tracking system.

the html viewer in imp is passed a mime_contents object from which it 
extracts a mime_part to send to _cleanHTML from the horde html viewer. 
  _cleanHTML could take an optional second parameter containing the 
mime_contents object, that seems redundant though.  Perhaps the 
warning should just be in the imp html driver ?

See IMP's html driver for a reference how to get the object. Perhaps 
Michael could jump in with a good idea too.

That's what I tried to do originally, but it is the html viewer is 
passed a mime_part object, not a mime_contents object and I couldn't 
find a way to get to a mime_contents object without creating a new 
one.  I'll do that if that's acceptable, but it seems like a waste, 
and viewAsAttachment already has that functionality.

Heh, no. :-)

MIME_Contents::formatStatusMessage was only a hint to the method, it 
shouldn't be called statically. I don't know exactly off my head, but 
I guess it would be something like 
$this->contents->formatStatusMessage().

- I replaced \s+ with \s*

- It now uses MIME_Contents::formatStatusMessage to display the status 
box.  I had to modify the function to allow it to be called as 
MIME_Contents::formatStatusMsg(), replacing this->viewAsAttachment 
with MIME_Contents::viewAsAttachment.  I also modified it to accept a 
style as an optional 4th css parameter.

- The warning is now a gettext message

Thanks

This looks good as a first glance. I have some suggestions though:



- In the first two preg_match calls, why do you expect a whitespace 
like 'href= http://...' if the href attribute is *not* enclosed in 
quotes? |\s+ should probably be |\s*

- You should use MIME_Contents::formatStatusMessage() for showing the 
phishing warnings, see imp/lib/MIME/Viewer/html.php for examples. It 
might also be a good thing to extend this method to also accept an 
optional class name for the status box. That wouldn't break BC and 
allows to show boxes that look more like warnings like the current 
ones that even have a fixed style.

- The message could probably be tweaked to sound less diffuse. But 
that could be done later. But at least it has to be a gettext message.

Here's a first pass at an implementation.

This is already on the TODO list: http://www.horde.org/imp/docs/?f=TODO.html

gmail now displays a red banner warning on messages it thinks are 
phising scams.  I'd like to see something similar in imp.  It would be 
trivial enough to do in a way that would work in my environment using 
checking for spam assassin test matches, but I don't know if that is 
general purpose enough to be mainline.   How does this idea sound, and 
is there a more flexible way to implement it ?