Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Vista
Solving the Problem of HTML Mail
Shane Coursen, 2002-02-04

Now there are options for screening potentially dangerous messages, or even eliminating HTML email from your life.

Comments Mode:
Three things to make HTML email bearable 2002-02-04
TL (2 replies)
ok, why did you even write this article? 2002-02-07
friend (1 replies)
ok, why did you even write this article? 2002-02-08
Anonymous
How about RTF as a format instead of HTML? 2002-02-10
LA Walsh (1 replies)
How about RTF as a format instead of HTML? 2002-02-13
Ben
Solving the Problem of HTML Mail 2002-02-04
Roland <r s m i t h AT x s 4 a l l . n l >
Why screen only HTML encoded e-mail? 2002-02-04
Anonymous
Don't use Outlook 2002-02-04
Anonymous (2 replies)
Don't use Outlook 2002-02-06
Anonymous (2 replies)
Don't use Outlook 2002-02-08
Anonymous (2 replies)
Use common sense when using Outlook 2002-02-10
LA Walsh
Don't use Outlook 2002-02-16
Anonymous
Don't use Outlook 2002-02-16
Anonymous
"People running around bashing MS and Outlook" have a reason for doing so.
Have you already forgotten the VBS worm plague of 2000/2001? What software did they use? Let me give you a hint -- Outlook. If Microsoft would not allow its clients to be automated to such an extent, and then advertise it as a 'useful feature', we wouldn't have nearly as many problems as we do today. It's all because of Microsoft's MAPI that we do. I agree, some of the problem is user ignorance, but they aren't being taught the truth. What is the use of allowing a program to rifle through your contacts, and send the same message to all of them? None.
ISPs can only filter if a virus is known -- the first stages of any outbreak will be missed by ISPs. Frankly, I think attachments PERIOD aren't a good idea. But, things like the IMG tag DoS in HTML news can only be solved by eliminating HTML. Gradually, people will realize their mistakes with attachments. We have malicious stuff in HTML that people don't even realize they've been hit with. Case in point -- the infamous 'Scriptlet.TypeLib' exploit that led to Kak, and BubbleBoy.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/58/10551#10551
Don't use Outlook 2002-02-07
trowe
Solving the Problem of HTML Mail 2002-02-04
Tony Turner
Solving the Problem of HTML Mail - Procmail 2002-02-05
Anonymous
Spamming: The Problem of "Solving the Problem of HTML Mail" 2002-02-05
Fra. 219
PocoMail solves many security related email problems 2002-02-05
Anonymous
Solving the Problem of HTML Mail 2002-02-05
Dr. Gerry Hecht
Solving the Problem of HTML Mail 2002-02-05
JT
Solving the Problem of HTML Mail 2002-02-06
Anonymous
Pegasus Mail is immune to HTML problems 2002-02-06
Angus S-F
users 2002-02-06
Stefan Caunter
stripmime.pl - perl script to strip html tags for you 2002-02-07
Anonymous
HTML mail is for Teletubbies 2002-02-07
lala@po.com
this comment page... 2002-02-08
WetBlanket
Eudora also filters out web images and executable content 2002-02-11
Anonymous
Procmail on the Mail Server is a Real Solution 2002-02-12
Analysis and Solutions
consumers love text/html 2002-02-12
Anonymous
Solving the Problem of HTML Mail 2002-02-13
Anonymous
Solving the Problem of HTML Mail 2002-02-14
Old Fogie (aeaton@fdic.gov)
Solving the Problem of HTML Mail 2002-02-15
Anonymous (2 replies)
Solving the Problem of HTML Mail (in Outlook Express) 2002-02-15
Old Fogey
Solving the Problem of HTML Mail 2002-02-18
Stakka Bo
We nead assambly... Order is dump 2002-02-16
Anonymous
Solving the Problem of HTML Mail 2002-02-19
Daniel Spiljar <dspiljar+www@bofhlet.net>
The problem *is* Outlook, not HTML 2002-02-20
Rasputin (1 replies)
...wrong Rasputin, the problem is the USER and HTML mail...not Outlook 2002-02-22
FudgeFactor7
use a nice small txt only pop3 client 2002-02-25
Anonymous
Solving the Problem of HTML Mail 2007-10-04
Anonymous







 

Privacy Statement
Copyright 2008, SecurityFocus