Mike:
If someone forwards a message to the list, it may very will contain
JavaScript. Not all email software that allow HTML format has a means to
disable JavaScript.
Regardless, though, the fact remains that quite a few USMA list server
members don't have HTML-format capability in their email software.
Fortuitously, that protects them from viruses. But it also means that, when
someone posts an HTML-format message to the list server, they get messages
that contain more garbage than useful information.
Bill Potts, CMS
San Jose, CA
http://metric1.org [SI Navigator]
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On
> Behalf Of mojo
> Sent: November 01, 2000 09:27
> To: U.S. Metric Association
> Subject: [USMA:8926] Avoiding viruses
>
>
> Folks,
>
> Viruses may "ride in HTML e-mails", but do not ride in the HTML,
> rather in the
> JavaScript (NOT the same as Java), or ActiveX functions embedded
> in the HTML
> file. You can still allow HTML files if you turn off the ability
> to execute
> JavaScript and ActiveX controls (some browsers/mail clients allow this).
>
> In addition, HTML is not required as the carrier. It is always a
> good idea not
> to have attachments automagically open when a message is read. Many email
> clients unfortunately do not have this as the default behavior, because
> auto-opening attachments is sexy.
>
> The popular press does not do a good job of identifying the
> threat, nor how to
> close the vulnerability in your system. You can lose some neat
> functionality
> by overestimating the problem. Of course, if you don't have the
> ability to
> turn off specific behaviors, then you'll have to do what you can.
>
> I would be interested to know if blocking HTML mail also blocks mail
> containing URLs and "mail to:" (without the space) references.
>
> Mike Jenkins
>
> >===== Original Message From [EMAIL PROTECTED] =====
> >To all: These viruses ride in HTML e-mails. We therefore no longer accept
> >HTML e-mails, you may want to consider doing same. Just a
> suggestion. Yvonne
> >Halpaus
>
>
