On 03/18/2013 08:15 PM, Kevin Chadwick wrote: > On Mon, 18 Mar 2013 23:38:11 +0000 > Neil Bothwick <n...@digimed.co.uk> wrote: > >>>> K9 Mail can do both plain text and bottom posting. >>>> Both set in Account settings/Sending mail. >>> >>> It can write but forces html onto users, which potentially includes >>> jpg exploits, png exploits, html exploits, script exploits, font >>> exploits... >> >> What are you talking about? K9 forces HTML on no one, it sends plain >> text if you set it to do so. >> > > If you receive a html email you have no choice but to execute code to > handle as per my above examples.
Either you ignored what I said about being able to disable loading remote content and being able to disable showing inline rich content, or you're seriously concerned about HTML parser vulnerabilities. If that's the case, set up a defanging filter for your email. > >>> Having knocked Android, I haven't found the time to try the latest >>> native email app. I'm not expecting a no html option but I'm pretty >>> sure it will have some major pluses over k9mail, which was a trade >>> of good for bad on Gingerbread. >> >> K9 is not Android, any more than yourfavouriteemailer is Linux. It is >> a program that runs on Android. As for being less capable than the >> native app, the opposite is the case as it is based on the code from >> the native app, but actively developed. > > Googles mail is part of android and they do maintain it. I maintain > that while k9 has some improvements it also breaks things and I guess > would have not seen light without Googles initial efforts. I'm really not sure what Google's native client (or K9) breaks. I use K9 because I require GPG support for communicating with one of my clients.
signature.asc
Description: OpenPGP digital signature
