General Question

ETpro's avatar

How much risk does allowing remote content in email messages pose?

Asked by ETpro (34605points) July 11th, 2010

My computer is behind a router and I run up-to-date Norton AV. I just recently switched from an aging copy of Eudora 7 to the new Mozilla open source project Penelope (Eudora OSE). My old Eudora 7 loaded images and external content. As far as I know, that never resulted in any viruses getting on my system. The new Beta version of Eudora OSE by default blocks all external content. The result is that much of the email I receive is virtually unreadable, being HTML email with half its content in external images. How much infection risk do I take on if I tell Eudora OSE to display external content?

Observing members: 0 Composing members: 0

7 Answers

Dr_Lawrence's avatar

I feel fairly safe behind and router and with current anti-virus software. I am cautious about what I open but I worry less about what my e-mail program displays. I am much more careful about external content from senders I have no reason to trust. I hope this answer is helpful.

jaytkay's avatar

If Norton scans attachments, I think there is not much risk of viruses.

But here is another reason to turn off external content – spam senders put a hit counter on the content, and they can confirm that you are a live prospect who looks at their incoming messages. So it’s worthwhile to spam you again.

I prefer to to enable external content & images by sender. I haven’t used Eudora, but I would guess that’s an option. In my mail program I can click on something like “Always display images from SomeRetailersPromoDept@someretailer.com”

andrew's avatar

The only real risk I can see is that spammers can tell if your email address is valid when your email client downloads those external images.

Risk of infection I think is virtually nil.

anartist's avatar

I use gmail and by my specified default it does not load images and other external content. If I know the sender or if it is a sender I am specifically interested in [maybe sought contact with] I will open the additional content.

ETpro's avatar

Thanks, all. @jaytkay I figured out how to authorize loading of remote content for specified senders, and am turing them on one by one. It’s great not to load images in spam.

IchtheosaurusRex's avatar

Not safe. Your anitivirus will catch any malicious content, like rogue ActiveX controls, but letting something as simple as a web bug get through can cause you grief in terms of the amount of spam email you’ll get as a result. Don’t allow active content or images even if the email appears to be from a source you trust.

bomyne's avatar

Remote content being embedded HTML? It’s the same risk as any other webpage. This very website, Fluther, poses the same risk to you… but you trust Fluther. By the same measure, if you allow remote content in an email, you are trusting the email sender.

Did the email arrive from your family or from a company you know and trust? Then allow it. Did the email arrive from a random stranger you have never heard of before? I think you know where I’m going with this.

MANY email clients, and most webmail clients, will strip out dangerous HTML (Java, activex, flash, etc) though.

Answer this question

Login

or

Join

to answer.

This question is in the General Section. Responses must be helpful and on-topic.

Your answer will be saved while you login or join.

Have a question? Ask Fluther!

What do you know more about?
or
Knowledge Networking @ Fluther