making Outlook "more" secure ?
Results 1 to 10 of 10

Thread: making Outlook "more" secure ?

  1. #1
    They call me the Hunted foxyloxley's Avatar
    Join Date
    Nov 2003
    Location
    3rd Rock from Sun
    Posts
    2,528

    Exclamation making Outlook "more" secure ?

    Got this from a cousin, I would appreciate feedback as to the validity of the method.


    These hints will help you stop the spamers harvesting e-mail addresses from your e-mail and prevent you from getting "auto infected" with the Outlook Express preview pane.

    When you send e-mail it feels normal to put the address of the person you are sending the mail to in the "to" box and any others to be coppied in the "cc" box.
    However, this means, everyone who gets a copy of the joke you just sent also gets the whole list of recipients and this is one place spammers harvest addreses from. The way to fight back is to enable the "bcc" (Blank Carbon Copy) address header and put ALL recipients in that field leaving the "to"and "cc" totally blank. To show this "bcc" address header do the following:-

    Start Outlook Express, and click to create a new e-mail. At the top of the e-mail compose page select View, then check the "Show all headers" option.

    The letest viruses are now able to infect file types such as gif and jpg pictures. Java executable code can also be embedded into the e-mail page (eg: those moving emoticons some people like to use) Because of this, the default settings in Outlook Express are dangerous and in particular the preview pane (The box at the bottom which shows the content of the curently highlighted e-mail) Because of this you should disable the preview pane in Outlook Express as follows:-

    Start Outlook Express, and select "View" then remove the check from "Show Preview Pane"
    55 - I'm fiftyfeckinfive and STILL no wiser,
    OLDER yes
    Beware of Geeks bearing GIF's
    come and waste the day :P at The Taz Zone

  2. #2
    Jpg and Gif viruses do not exist, at least as far as I know. That is a common hoax. Java applets can only be used if HTML is enabled in your emails, and if Java and Javascript is enabled as well. Moving emoticons are .gifs.

    As for the preview pane, I guess it would help, but disabling HTML in the emails would take care of that as well, as any scripts would not be executed. HTML tags and Jscript would only show up as text.

    Corrections welcome
    Soda

  3. #3
    Old Fart
    Join Date
    Jun 2002
    Posts
    1,658
    The only way to secure Outlook is to uninstall it.
    Al
    It isn't paranoia when you KNOW they're out to get you...

  4. #4
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    You can also disable HTML in Outlook Express using noHTML. I've been using it lately and it's quite nice. This should help deal with some of the issues of phishing problems.
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  5. #5
    Senior Member
    Join Date
    Jan 2002
    Posts
    1,207
    The main thing is to prevent any HTML-related features from being enabled (as mittens says).

    The main problem is people who send you HTML email without an acceptable text part. As far as I'm aware there is no way to tell Outlook / OE of saying

    "Open HTML emails, if I ask you to on a per-message basis, but don't load images from external sites because I like my privacy"

    The traditional problem was, even viewing a message in the preview pane causes it to fetch images (which may cause information to be sent to web servers).

    Now I use Kmail, Kmail has the feature of being able to selectively enable HTML viewing without loading images.

    As far as I'm aware, the only way of doing it in Outlook is to turn images off in IE. Unfortunately, this also affects HTML help, which is exceptionally annoying (even if you don't use IE as a standalone browser).

    Slarty

  6. #6
    Senior Member
    Join Date
    Dec 2003
    Location
    Pacific Northwest
    Posts
    1,675
    Yep Soda,

    We don't read to much about gif & jpg virus's yet. But I would imagine it's just a matter of time. We can already hide a multitude of files and stuff inside the gifs with programs like EZ Stego and Gif Shuffle etc. EZ Stego hids the data in the least significant bits of the gif image and Shuffle tweaks the color table of the gif. So how long before we start seeing those critters as well?

    cheers

  7. #7
    Senior Member
    Join Date
    Feb 2002
    Posts
    1,210
    we've had this discussion before about viruses in gifs and jpegs..
    sure you can hide one inside a picture..but unless the picture viewer is compromised first by some other means, it can't happen.

    edit :
    there's some discussion going on at another forum about this that's pretty recent with some interesting comments.. you can view that thread here.

  8. #8
    Senior Member Info Tech Geek's Avatar
    Join Date
    Jan 2003
    Location
    Vernon, CT
    Posts
    828
    Originally posted here by allenb1963
    The only way to secure Outlook is to uninstall it.
    The only secure Windows Program is an UnInstalled Program..

    Are you trying to figure out if the article is any good or are you asking for help securing your mail box?

  9. #9
    They call me the Hunted foxyloxley's Avatar
    Join Date
    Nov 2003
    Location
    3rd Rock from Sun
    Posts
    2,528
    to ITG,
    I received the mail from a cousin, they were just passing it through the family as a way to help. I posted it here for a second, more critical look. I have been the recipiant of more virii than I care for, and as such, if this little letter is a quick + easy way to
    A) stop spammers getting addresses
    B) stop trouble just by shutting the preview pane
    Then I am for it, if, however the 'cure' is just a placebo ? then I will carry on as before.
    Except, now I have an image to help in the re-install of my sys WHEN it gets compromised again ??
    55 - I'm fiftyfeckinfive and STILL no wiser,
    OLDER yes
    Beware of Geeks bearing GIF's
    come and waste the day :P at The Taz Zone

  10. #10
    Senior Member problemchild's Avatar
    Join Date
    Jul 2002
    Posts
    551
    As far as I'm aware there is no way to tell Outlook / OE of saying

    "Open HTML emails, if I ask you to on a per-message basis, but don't load images from external sites because I like my privacy"
    ...which is where a good proxy/personal firewall would come into play. My company requires me to use Outlook for e-mail at work, so I use the many-years-old-but-still-the-best AtGuard to permit Outlook to connect to my POP mail server on port 110, and block all other outbound connections from Outlook. Allows you to preview the HTML message, but stops web bugs dead in their tracks.
    Do what you want with the girl, but leave me alone!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •