Quoting John Quinn <[EMAIL PROTECTED]>: > I don't know what all the hue and cry against HTML is all about.. The only > excuse is the security concern, if there is any, and if there is I wish > someone would explain it to me.
John, There are several security issues with HTML-based e-mail, many of which are similar to security issues with HTML in general. For example: visting a malicious web site with hidden HTML code might cause malware to be downloaded to your machine; the same is true for an HTML-based email message. The classic security concern has to do with what are commonly referred to as Web Bugs. You understand, do you not, that HTML can contain references to images that reside on distant servers? And that when your email reader goes to that server to retrieve that image, that the server can gather important information from your system, such as your email address? Now, imagine a malicious spammer who includes a 1x1 pixel (colored white) image somewhere in that HTML message. When you open that HTML email from that malicious spammer and your email application then fetches that image to display it to you, you've just given your email address to that spammer. Not only can he then spam you again and again, he can also sell your (validated) email address to other spammers all over the world. And since one can never truly trust the TO: and From: fields to contain truthful information, even that supposed email from Aunt Sue that claims to be pictures of her vaction to Mauii may in fact be spam. That's the major reason so many of us prefer to turn off HTML rendering, and prefer the old-fashioned text only methods. open netsÂ… ------------------------------------------------- All Covered -- To unsubscribe: <mailto:[EMAIL PROTECTED]> archives: <http://www.mail-archive.com/entourage-talk%40lists.letterrip.com/> old-archive: <http://www.mail-archive.com/entourage-talk%40lists.boingo.com/>
