Re: Outlook security

From: Richard Sidler (
Date: 12/06/02

From: "Richard Sidler" <>
Date: Fri, 6 Dec 2002 20:45:28 -0200

> > What danger is there running Outlook with the preview
> > pane on? I been told there is a problem because of the
> > way Outlook reads and executes HTML code.

Keeping the preview pain off helps protect against "web bugs," - files or
html elements that a spammer could use to monitor what messages you have
viewed. This is done by cleverly configuring an html mail message and using
a web server to confirm if you have downloaded the "bug" (to confirm a live
address, a hit).

I try to never preview or open any email unless I know who the sender is. I
do my first pass through the inbox with preview off, deleting all spam
without opening or viewing it. A tool bar button can be added to IE to
toggle the Preview pain on and off, it soon becomes second nature to view
messages with caution.

"script hooking into ActiveX controls" is a concern, but IMHO, this has
less to do with opening or previewing emails and more to do hardening or
locking down your system. Keeping a reasonable level of internet security is
also imparitive.

Plan text email is always best, but there are always those days when one
loses sight.

Cheers All