Customer Support

• FAQ & Knowledge Base
• Password Help
• Email Help
• Contact Support
• System Status >>
• Feedback

  Support Categories:

Getting Started FTP Moving Domains E-mail Stat Reports Mailing Lists Apache PHP CGI MySQL Database Other Software Billing & Terms Control Panel E-commerce Pre-Sales

Search for keywords:

Browse by category: -- Select Topic -- Getting Started FTP Telnet/SSH Moving Domains E-mail Traffic Reports Mailing Lists Apache PHP CGI Other Server-Side Scripting MySQL Database Imaging Libraries Other Software Billing & Terms Control Panel E-commerce Pre-Sales

Why are HTML emails a security hazard?

There are many reasons why HTML email is a security hazard and many bad things that can happen to you or your computer by simply even previewing the message in a preview pane without even opening it.

* Using images in HTML mail to gather demographic information about you when your mail program contacts the remote server where the image is hosted in order to allow you to view the image. Using this plus Javascript, many other 'spying' functions can be performed

* Using javascript to track recipients and "listen" to all forwarded messages

* Invisible images that monitor recipients and transmit information about them

* Monitoring the path of a confidential e-mail messages

* Silent capture of valid email addresses for use by spammers

* Executing arbitrary code from email using backdoors in MS Office

* Abusing bugs in mail clients to execute programs attached to emails

* Using ActiveX scripts in html email to steal private local files

* Javascript in html emails sending out recipients' private information

* Using javascript to initiate a denial of service attack

* Execution of malicious java applets

* Distribution of malicious worms that infect recipients' machines

More information about these exploits can be obtained from:

http://www.datafellows.com/v-descs/kak.shtml
http://users.rcn.com/rms2000/security/email/jcorrupt.htm
http://users.rcn.com/rms2000/security/email/jsdos.htm
http://users.rcn.com/rms2000/security/email/bootrap.htm
http://users.rcn.com/rms2000/security/email/bootrap.htm
http://users.rcn.com/rms2000/security/email/office.htm
http://www.zdnet.com.au/news/dailynews/story/0,2000013063,20156879,00.htm
http://www.bugnet.com/alerts/bugalert_010215.html
http://www.privacyfoundation.org/privacywatch/report.asp?id=54&action=0
http://www.geocities.com/ResearchTriangle/Facility/8332/reaper-exploit-release.html
http://www.mediamantra.com/ubb/Forum1/HTML/000003.html

User-Contributed Notes

There are no user-contributed notes for this topic.

Related Questions:

Sending email takes a long time and then fails.

I get "relaying denied" when trying to send email from my computer.

My ISP does not give me an SMTP/Outgoing mailserver to send mail from my own computer, so I must use yours.

How do I send email?

Do you have screenshots of Outlook Express configurations?

How do I receive and read e-mail?

Occasionally, Outlook Express just asks for my username and password but will not let me get my mail.

Someone is sending viruses or spam that appears to come "from" an address at my domain.

Why can't I send or receive email with large attachments?

Do you have screenshots of Entourage 2004 configurations?

I can't get my email because I am continually asked to retype my mailbox password, or am getting a [LOGIN-DELAY] error.

Do you support Secure POP and IMAP?

Can I have a special MX record so a different mailserver like everyone.net or my own Exchange server will handle all mail for my domain?

Why am I getting spam?

Is there a way I can bounce all email addressed to unknown users?

How do I delete hundreds or thousands of emails easily?

How many email addresses can I have and how do aliases work?

Can I pipe email to a program?

How do I protect email that contains sensitive information?

Can I have an automatic reply sent to people who email me while I'm on vacation?

I cannot get into webmail.

Which e-mail protocol should I use, POP or IMAP?

How does the mail server filter spam and viruses?

How Do I Backup My Email?

Why won't my email attachment go through?

I receive too much SPAM: what can I do?

My website forms are spamming me with 'gibberish@mydomain.com' or Form Email Injection Attack

Do you scan email for viruses?

Can I do mass emailings through my ISP that advertises my website?

When I "Add Mailbox" in Onsite, it says "That login name is already taken. Please choose another."

How do I view full email headers?

I get this error when logging into Webmail: Security failure, data decryption error

How do I import addresses into webmail?

How do I forward e-mail in OnSite?

Do you support anti-forgery standards (SPF / DomainKeys) for email?

I'm having trouble with email.

Do you purge messages from Trash and Spam folders?

Why can't I forward @mydomain.com email to my ISP mailbox?

Why is/isn't an email being marked as spam?

Why can't I delete messages from my mailbox if it is over quota?

Can I have an email address which both stores and forwards mail?

How can I access my Modwest mail from another provider's webmail?

What does the "Flag Subject" radio button do in OnSite spam settings?

Why is webmail seem slow?

When I send from Modwest webmail, my email has the wrong 'sender' or 'reply-to' address

Toggling 'Default Email Composition Format' to 'HTML' inside Modwest webmail only works temporarily

My Interspire Shopping Cart isn't Emailing Order Confirmations

Why can't I sort my messages in Webmail?

I use Modwest webmail. Is there a way to attach an image to my signature block?

Browse Categories: Getting Started, FTP, Telnet/SSH, Moving Domains, E-mail, Traffic Reports, Mailing Lists, Apache, PHP, CGI, Other Server-Side Scripting, MySQL Database, Imaging Libraries, Other Software, Billing & Terms, Control Panel, E-commerce, Pre-Sales