[horde] Fw: viewing html content ?

Spyros Tsiolis stsiol at yahoo.co.uk
Tue Nov 16 09:35:17 UTC 2010 

--- On Mon, 15/11/10, Niels Dettenbach <nd at syndicat.com> wrote:

> From: Niels Dettenbach <nd at syndicat.com>
> Subject: AW: [horde] Fw:  viewing html content ?
> To: "Spyros Tsiolis" <stsiol at yahoo.co.uk>
> Date: Monday, 15 November, 2010, 20:45
> Dear Spyros,
> 
> just btw:
> showing inline html - especially javascript and/or external
> ressources (i.e. images) - could be a security flaw which
> could be used by i.e. spammers or phishers to collect
> informations about email recipients.
> 
> This is why many email programs disable inline view by
> default or ask in any case.
> 
> I know that Outlook and a few others does inline view by
> default while others has diabled it or asking the user in
> each case.
> 
> Just an harder example: In the last monthes there exists
> i.e. some hard security holes in Flash player and PDF reader
> (solved this week by Adobe by downloadable updates of both
> software products after several monthes of "open doors"...)
> - this means open a email with such type of attachement
> could be a relative easy way for intruders.
> 
> So you still have to consider this when using / enabeling
> this function (or leave the decision to your users byself).
> 
> 
> good luck,
> 
> Niels.


Hi Niels,

Yes, I know all this. Don't think that I am security illiterate.
What you describe is actually my main pain for a couple of installations.
But users don't listen.
That's what my problem is.
So, if the company boss comes back and starts blaming me for not
seeing his nice .jpg's and html pages, I will have to comply.
After all, I am getting paid by him :-)

Thank you very much for your thorough explanation. To tell you the truth,
I would love to disquise this as a security issue and users stop
receiving all the usual crap they receive and then get infected with
all kinds of b*****it.

BTW, I've found this page of options that you people describe, I set
them up so they display html and image content but they do not.
Go figure. . .

Thank you again,

Spyros

----
"I merely function as a channel that filters 
music through the chaos of noise"
 - Vangelis

More information about the horde mailing list