1. Mail security (was: Mangling of mails)
Hi Euler, you wrote:
> On 22 Jan 2003, at 12:39, Juergen Luethje wrote:
<snipped by a being with 2 eyes>
>> I know 2 technical ways to have both text and HTML versions of the
>> message in the same e-mail:
>> - "Content-Type: multipart/alternative"
>>
>> - "Content-Type: multipart/mixed"
>> Here the HTML version is attached to the text version.
>> (Of course, "multipart/mixed" can be also any other kind of
>> attachment.)
>>
> I'll put these on my MailWasher.
I use them in my MailWasher, too. 
>> And this is HTML only:
>> - "Content-Type: text/html"
>>
> Already there. :)
>
>>> While this is not as big a risk for viruses perhaps (tho it could be,
>>> since there is HTML in the email),
>>
>> AFAIK any HTML can contain a virus or a worm. And the risk of activating
>> a virus mainly depends on the mail client on which the mail is opened,
>> and what options the user of the client uses. And most of us know this
>> M$-express-virus-replication mail clients. 
>>
> I use Pegasus Mail (http://www.pmail.com) the best, most secure, and
> powerful eMail client I ever found. And it's FREE for every use! I use
> v3.12c though there's already a v4.02 that seems to be alot better and
> fancier. The sad note to some of our fellows (Jim?) is that's Windows
> only.
> Anyway, if you want to make sure, there's a test (safe) at
> http://www.gfi.com/emailsecuritytest/ that will expose all your
> client's weaknesses.
They sent me 15(!) test mails.
Very interesting!
> Another one is to use a *good* eMail service. MyRealBox is a very good
> webmail service with POP3/IMAP/SMTP and a very effective anti-virus and
> spam filter. I use it from a long time ago with no complains. Well,
> they freeze from time to time (short periods) as it's a test bed for
> Novell's NIMS system.
I've heard the name before, but I didn't know, that they have an
anti-virus and spam filter at all. I think i'll have a closer look
at MyRealBox.
<snipped by a being with 1 nose>
> BTW, all undocumented snips made by me. :)
> Kind regards,
>
> -- Euler German
Thanks for the important security information!
Best regards,
Juergen
--
/"\ ASCII ribbon campain |
\ / against HTML in | Superstition brings bad luck.
X e-mail and news |
/ \ and unneeded MIME |
2. Re: Mail security (was: Mangling of mails)
Hi Juergen,
<snipped by human with 4 eyes)
> > Anyway, if you want to make sure, there's a test (safe) at
> > http://www.gfi.com/emailsecuritytest/ that will expose all your
> > client's weaknesses.
>
> They sent me 15(!) test mails.
> Very interesting!
>
I also got the 15 test emails, I think my system passed all but the eicar
test virus, which is caught on save/open. Hope this really was safe!!
Dan Moyer
Belief in superstition brings bad luck.
3. Re: Mail security (was: Mangling of mails)
- Posted by gertie at visionsix.com
Jan 24, 2003
On 24 Jan 2003, at 1:51, Dan Moyer wrote:
>
> Hi Juergen,
>
> <snipped by human with 4 eyes)
>
> > > Anyway, if you want to make sure, there's a test (safe) at
> > > http://www.gfi.com/emailsecuritytest/ that will expose all your
> > > client's weaknesses.
> >
> > They sent me 15(!) test mails.
> > Very interesting!
> >
>
> I also got the 15 test emails, I think my system passed all but the eicar
> test virus, which is caught on save/open. Hope this really was safe!!
<unsnipped by me>
Almost all those seemed to rely on VBS. I wonder what would happen if they
used some actual machine code or other interpreter on the puter.
Kat
4. Re: Mail security (was: Mangling of mails)
On 24 Jan 2003, at 1:51, Dan Moyer wrote:
>
> Hi Juergen,
>
> <snipped by human with 4 eyes)
>
<snipped by human with 4 eyes too)>
>
> I also got the 15 test emails, I think my system passed all but the
> eicar test virus, which is caught on save/open. Hope this really was
> safe!!
>
Dan, while I have lots of security software in my desktop I never rely
100% on them. As you did, I never, ever, open any attachment inside my
eMail client though the maker says it's safe. There's no replacement to
a "safe behavior". This is as good to eMail as is for sex. (Hope Big
Brother don't catch this...) ;)
Euler
--
/"\ The ASCII ribbon | Euler GERMAN
\ / campaign against HTML | Caixa Postal 232
X eMail, HTML news, and | 35701-970 Sete Lagoas, MG, Brasil
/ \ unneeded MIME. | PGP key ID: 0x92D7247F
5. Re: Mail security (was: Mangling of mails)
Euler,
I agree, & heretofore have also never directly opened attachments, always
saved them to file & then looked at them as carefully as I could, looking
first at "properties". But it seemed the only way to employ the test
pointed to (for some of them) was to open their attachment.
Dan Moyer]
----- Original Message -----
From: "Euler German" <efgerman at myrealbox.com>
To: "EUforum" <EUforum at topica.com>
Subject: Re: Mail security (was: Mangling of mails)
>
> On 24 Jan 2003, at 1:51, Dan Moyer wrote:
>
> >
> > Hi Juergen,
> >
> > <snipped by human with 4 eyes)
> >
> <snipped by human with 4 eyes too)>
>
> >
> > I also got the 15 test emails, I think my system passed all but the
> > eicar test virus, which is caught on save/open. Hope this really was
> > safe!!
> >
> Dan, while I have lots of security software in my desktop I never rely
> 100% on them. As you did, I never, ever, open any attachment inside my
> eMail client though the maker says it's safe. There's no replacement to
> a "safe behavior". This is as good to eMail as is for sex. (Hope Big
> Brother don't catch this...) ;)
>
> Euler
>
> --
> /"\ The ASCII ribbon | Euler GERMAN
> \ / campaign against HTML | Caixa Postal 232
> X eMail, HTML news, and | 35701-970 Sete Lagoas, MG, Brasil
> / \ unneeded MIME. | PGP key ID: 0x92D7247F
>
>
>
> TOPICA - Start your own email discussion group. FREE!
>
6. Re: Mail security (was: Mangling of mails)
Kat,
And, of course, if their test, intended to showcase their security software,
is incomplete, then what might that say about their software?
BTW, "ZoneAlarm" points people to a (not associated?) web site to test
firewalls, Gibson Research,
http://grc.com/default.htm
the "ShieldsUp" test, what do you think of it? I haven't tried the trojan
download test yet.
Dan Moyer
----- Original Message -----
From: <gertie at visionsix.com>
To: "EUforum" <EUforum at topica.com>
Sent: Friday, January 24, 2003 3:05 AM
Subject: Re: Mail security (was: Mangling of mails)
>
> On 24 Jan 2003, at 1:51, Dan Moyer wrote:
>
> >
> > Hi Juergen,
> >
> > <snipped by human with 4 eyes)
> >
> > > > Anyway, if you want to make sure, there's a test (safe) at
> > > > http://www.gfi.com/emailsecuritytest/ that will expose all your
> > > > client's weaknesses.
> > >
> > > They sent me 15(!) test mails.
> > > Very interesting!
> > >
> >
> > I also got the 15 test emails, I think my system passed all but the
eicar
> > test virus, which is caught on save/open. Hope this really was safe!!
>
> <unsnipped by me>
>
> Almost all those seemed to rely on VBS. I wonder what would happen if they
> used some actual machine code or other interpreter on the puter.
>
> Kat
>
>
>
> TOPICA - Start your own email discussion group. FREE!
>
7. Re: Mail security (was: Mangling of mails)
grc.com is an excellent site.
I use a different approach with exe attachments and any sort of 3rd party
software I download from the web or get hold of on CD-ROM. I have a second
(slow but useable) computer running the same Winblows OS (98SE). I try the
software on this second machine. If it does what I want and doesn't appear
to exhibit unwanted side effects then I'll install and run it on my main
machine.
If it trashes the second machine they I reformat the hard drive and reload
Windows 98SE. Actually I save time by reloading a disk image of the second
machine from my first machine. You could use the popular Ghost utility but
I use my home grown "replicon" DOS executable. Because I wrote replicon in
Euphoria you can get it from the RDS archive.
Two machines an extravagance? Maybe but you could probably take a Pentium
100Mhz machine off someone's hands for nothing (or next to nothing) these
days. The actual test machine I use is an aging IBM PC with a Pentium
75Mhz in it running Windows 98SE! You get a free coffee break while it
boots up
Regards,
Andy Cranston.
At 07:09 AM 1/24/03 -0800, you wrote:
>
>Kat,
>
>And, of course, if their test, intended to showcase their security software,
>is incomplete, then what might that say about their software?
>
>BTW, "ZoneAlarm" points people to a (not associated?) web site to test
>firewalls, Gibson Research,
>http://grc.com/default.htm
>the "ShieldsUp" test, what do you think of it? I haven't tried the trojan
>download test yet.
>
>Dan Moyer
>
>----- Original Message -----
>From: <gertie at visionsix.com>
>To: "EUforum" <EUforum at topica.com>
>Sent: Friday, January 24, 2003 3:05 AM
>Subject: Re: Mail security (was: Mangling of mails)
>
>
>> On 24 Jan 2003, at 1:51, Dan Moyer wrote:
>>
>> >
>> > Hi Juergen,
>> >
>> > <snipped by human with 4 eyes)
>> >
>> > > > Anyway, if you want to make sure, there's a test (safe) at
>> > > > http://www.gfi.com/emailsecuritytest/ that will expose all your
>> > > > client's weaknesses.
>> > >
>> > > They sent me 15(!) test mails.
>> > > Very interesting!
>> > >
>> >
>> > I also got the 15 test emails, I think my system passed all but the
>eicar
>> > test virus, which is caught on save/open. Hope this really was safe!!
>>
>> <unsnipped by me>
>>
>> Almost all those seemed to rely on VBS. I wonder what would happen if they
>> used some actual machine code or other interpreter on the puter.
>>
>> Kat
>>
>>
>> TOPICA - Start your own email discussion group. FREE!
>>
>
>
>
>TOPICA - Start your own email discussion group. FREE!
>
>
8. Re: Mail security (was: Mangling of mails)
On 24 Jan 2003, at 6:53, Dan Moyer wrote:
>
> Euler,
>
> I agree, & heretofore have also never directly opened attachments,
> always saved them to file & then looked at them as carefully as I could,
> looking first at "properties". But it seemed the only way to employ the
> test pointed to (for some of them) was to open their attachment.
>
Sure, you have to break some eggs... Anyway I check that address myself
as you were reporting 15 eMail. When I found this site they were
running 8 or 10 tests. New ones are XP and/or Outlook specific. My
system (MyRealBox, ZoneAlarm [freeware] and Pegasus Mail) gave me very
good results: 100%! EICAR was caught by MRB, all executable attachments
were caught by ZoneAlarm and Pmail is immune to HTML/MIME malware as
well as any "executable" script. So I feel a lot better now.
I hope Unknown/CGI-BIN/Euman/Xanax (a.k.a. alprazolam, an antianxiety
agent (trade name Xanax) of the benzodiazepine class) is reading this.
He looks too anxious to be called Xanax. ;)
> Dan Moyer]
>
Euler
--
/"\ The ASCII ribbon | Euler GERMAN
\ / campaign against HTML | Caixa Postal 232
X eMail, HTML news, and | 35701-970 Sete Lagoas, MG, Brasil
/ \ unneeded MIME. | PGP key ID: 0x92D7247F
