Educause Security Discussion mailing list archives
Re: E-mail Privacy
From: Glenn Leavell <glenn () USG EDU>
Date: Tue, 25 May 2004 17:08:38 -0400
On Tue, May 25, 2004 at 05:00:07PM -0400, Gary Flynn wrote: # Glenn Leavell wrote: # # >Many e-mail clients have a setting to disallow the viewing/loading of # >remote images, which should neutralize the didtheyreadit service. For # >example, I know that Mozilla Thunderbird, Eudora, and Squirrelmail all have # >this option. # # I've been using that feature for some time in both Netscape and # Mozilla and felt somewhat comfortable until a couple days ago. # Then my computer showed up in an IDP report accessing a web # site trying an IE exploit. I backtracked through my messages # and found a piece of SPAM that caused my Mozilla client to access # the web site every time the message was displayed. # # The message contained: # <object-disabled data=3D"http://&#= # 119;ww.fatbonusc&#= # 97;sino.com/pag= # 01;.php"> # # without the "-disabled" in the object tag # # Its just an encoded URL but my Mozilla client followed # it immediately when the message was displayed. Sigh. # More disillusionment. :) # # I don't see a setting specifically disabling HTML mail # rendering of received messages in mozilla, which, I guess # would have prevented it. We attempt to block these types of tags before they get to to the recipients by using the product MailScanner (see www.mailscanner.info). Glenn -- Glenn Leavell <glenn () usg edu> Director, Systems Support Services Office of Information and Instructional Technology Board of Regents of the University System of Georgia ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/cg/.
Current thread:
- E-mail Privacy Javier Torner (May 25)
- <Possible follow-ups>
- Re: E-mail Privacy Herrera Reyna Omar (May 25)
- Re: E-mail Privacy H. Morrow Long (May 25)
- Re: E-mail Privacy H. Morrow Long (May 25)
- Re: E-mail Privacy Glenn Leavell (May 25)
- Re: E-mail Privacy Brian Eckman (May 25)
- Re: E-mail Privacy Gary Flynn (May 25)
- Re: E-mail Privacy Glenn Leavell (May 25)
- Re: E-mail Privacy Brian Eckman (May 25)
- Re: E-mail Privacy Dan Oachs (May 25)