Simple Question

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Is previewing an emails body (message) dangerous to malware?



Re: Simple Question


| Is previewing an emails body (message) dangerous to malware?


It may if the message is in HTML and has and uses exploit code.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



Re: Simple Question

David,

    Thanks,  Just the answer I needed.  You confirmed my suspicions.  Sorry
about the second email "Take 2".  Wasn't sure I would be understood.

Robert

Quoted text here. Click to load it



Re: Simple Question

Robert Malkin wrote:
Quoted text here. Click to load it

If you mean viewing an infected e-mail in Outlook Express's preview
pane, then yes it is dangerous to you, especially if your system is not
fully patched. Perhaps you should consider using a more secure email client.

max
--
Virus Removal http://max.shplink.com/removal.html
Keep Clean http://max.shplink.com/keepingclean.html
Tools http://max.shplink.com/tools.html
Change nomail.afraid.org to gmail.com to reply by email.

Re: Simple Question

What's in a Name? wrote:
Quoted text here. Click to load it

Hi Max.

So if I use a different email client such as Thunderbird, and I do not
use HTML for email, would it be safe to view emails is the preview pane?

Re: Simple Question

canadiancowboy wrote:

Quoted text here. Click to load it

Yes, but help yourself and select to *view* received email in Plain
Text.

View > Message Body As > Plain Text

HTML is for web pages, so don't send it either.

--
   -bts
   -Friends don't let friends drive Windows

Re: Simple Question

canadiancowboy wrote:
Quoted text here. Click to load it

The pre-view pane has exactly the same security risks as the view
window. Calling it the "preview" pane is a misnomer, as the mail/news
client in fact opens the message to display it in the preview pane. The
pane is is just another window.

Keep in mind that the default is (or should be set to) "nothing opened
until the header is clicked". Mail clients usually download everything,
so if you delete the message from the header pane, it will not be
opened. News clients generally default to no downloads until the header
is clicked, but some people like to download everything and then choose
which posts to open. I think this is bad practice.

Blocking HTML will add a smidgen of security, yes, but not enough IMO to
make a difference. As for plain text: problem is that plain text
messages can have attachments, and these may be infected.

My advice: Use an incoming mail/message scanner that quarantines suspect
stuff. That's about as secure as you can get (not perfect, but it's not
a perfect world, last I looked.)

And of course don't open anything that looks even remotely like spam.
Even if it comes from a friend or relative. The e-mail address may have
been hi-jacked (My wife's e-mail address was hi-jacked when a cousin's
computer became infected. The only cure was to change the address.)

HTH

--
wolf k.

Site Timeline