Re: oh no...

new topic     » goto parent     » topic index » view thread      » older message » newer message 

On 1 Dec 2000, at 23:38, Dan B Moyer wrote:

> I didn't get that post, but I do often get similar ones, from "Undetermined
> Mail Sender, but I've discovered that they are actual posts from list members,
> maybe with mangled headers (?), which I have filtered into a folder called
> "from server";  when I realize they're there, I have been "checking them out"
> by using Outlook Express "properties" button and "details", and then "message
> source", which not only shows the mail header, but also the message.  I have
> been thinking this is a "safe" way to read such  email without opening it, but
> now I'm wondering if that's true.  Any thoughts?

Just one thought: doing *anything* to the email in Outlook Express is
dangerous, and you could find your puter executing the email. Part of the
problem is the hidden extensions, such as readme.txt.exe , in which
windoze is told by MS, by default, to not show you the ".exe", so when
you open what *looks* like "readme.txt", you exec it. There are some
viruses that need only be handled, not opened, by OE for them to exec,
due to OE looking into them to decide what to do with them. "Properties"
should be safe, but i do not *know* that it is, because, like i said, it is
possible to get OE to exec something just by recieving it totally unopened.
Marginally legal examples of OE exec'ing code behind the scenes is the
"auto-verify receipt when recieved" and "auto-verify receipt when opened"
options in email readers. So-called "user friendly" options include allowing
html src tags to be active, so the email reader will goto the web and
retrieve unknown files, possibly javascript or vbs files, which then exec and
do anything the author wished.

As far as virus scanners of email, some people have reported problems
with them, mostly hanging the puter types of problems. One of my dear
projects i wish i had time to work on is an email proxy, like the http proxies
i have.

When i got Pegasus, i intentionally did not get the plugins for scripting,
forwarding/sorting, or anything other than plain text decode/display.

Btw, Colin sent me the header, it's from Switzerland. Do not expect the
usa to have any clout in Europe/Asia to chase down virus factories, it's not
like it was in the Melissa virus case.

Kat

new topic     » goto parent     » topic index » view thread      » older message » newer message

Search



Quick Links

User menu

Not signed in.

Misc Menu