Ben Bucksch wrote: > MichaelP wrote: > >> I think, at the moment Mozilla Mail is less secure than a carefully >> configured Outlook Express. >> If I get a new message in my inbox, I can not see if the message >> contains an attachment - OE indicates that, so I cann take a look at >> the source text if it. > > > Claiming that Mozilla is less secure, because we have no attachments > icon in the thread pane is a long strech, I'd say. > > Wait for bug 30888 to be fixed and you won't have to worry about > BadTrans anymore, because it relies on HTML (bug 109249 is about > BadTrans, isn't it?). >
At first, thank You for Your answer - I will wait for the fix of the bugs You mentioned. But at the moment I do not feel secure when I use Mozilla Mail. This was the reason I used these harsh words comparing Mozilla with OE >> Few days ago I received a BadTrans infected mail, and I got the >> "save-to-disk"-dialog immediatedly. > > > You haven't been infected, have you? If you care about attachments, you > surely won't confirm the save. > That's right - I have not been infected. But at the moment I opened the message I felt helpless only being dependent on the capabilities of may AV software. >> A symbol to indicate that this *new unread* message has an attachment >> would be very useful. > > Agreed. > >> Further, I made another test: I sent a html-file as an attachment >> (using Lotus Notes 4.5x) from my office to two of my privae >> mail-accounts. Mozilla Mail displays the html-file directly, OE >> (correctly) shows only the attachment that has to be opened/saved >> manually. > > What is correct depends on the MIME headers (content-disposition > inline?) and your settings. HTML attachments are no more dangerous than > HTML mail. > If the attachment is plain HTML, You are right. But what happens, if not (like BadTrans &Co)? Again, Thank You Michael
