Email Guides and Essays
About Overcome Email Overload with Eudora 5 About Overcome Email Overload with Microsoft Outlook 2000 and Outlook 2002
About Kaitlin Duck Sherwood
|
Getting Rid of Dangerous Messagesby Kaitlin Duck Sherwood
Get Rid of (Some) Dangerous Viruses by Filtering on iframe src=cid:There are a number of viruses now that exploit a weakness in programs that share code with Internet Explorer. This includes Outlook, Outlook Express, and Eudora for Windows in its standard configuration.Those email programs will automatically open a new frame when they see the HTML text <iframe src=something>and they will process whatever the something is. If the something is an attachment, they will execute the attachment. Ooops. This means you don't have to click on the attachment in order to infect yourself. Below, I show how to avoid some dangerous messages -- but you should still have a good virus checker. My strategy gives you a little more protection from viruses that are so new than your anitivirus software doesn't know about them yet. EudoraIf you use Eudora, you can get rid of the problem by using Eudora's built-in HTML viewer instead of using Internet Explorer's HTML viewer.
Eudora's built-in viewer sometimes doesn't display HTML pages quite as nicely as Microsoft's viewer, but that seems a small price to pay for improved virus resistance. You can also quarantine iframe messages, as I describe in the next section. Outlook or Outlook ExpressOutlook Express for the Mac will let you do this, but Outlook Express for Windows and Outlook 2002 rules can't "see" HTML tags, so you can't find "iframe" messages.I was sure that I had tested this on Outlook, but it doesn't work on Outlook 2002 -- so maybe this works with Outlook 2000. If you try this on Outlook 2000, please let me know what you find. Create a rule to move messages that contain iframe(in the body of the message) a quarantine folder. (Make sure that the Preview Pane is turned OFF in the quarantine folder!!!!!) Then, every once in a while, look through the quarantine folder and delete anything you don't recognize. Note that there are a FEW legitimate messages that use iframe. In particular, if you email a Yahoo News story to a friend, that ends up with an iframe. If you get a lot of news stories, you could modify your rule so that if the message is from refertofriend@reply.yahoo.com, don't process it. You can also make the rule more specific by looking for <iframe src=cid:instead of iframeThat will only find messages that execute an attachment that was sent with the message. Get Rid of Pop-Ups by Filtering On SCRIPTAgain, Eudora and Outlook Express for the Mac can do this, but Outlook 2002 (and maybe 2000) and Outlook Express for Windows cannot.Javascript can also do a lot of annoying things, including popping up windows. You can set up a rule (aka filter) to quarantine messages with <scriptin the body of the message (Don't just look for scriptor this rule will catch the message from the Hollywood agent who wants to make a movie about your life!) Note: Someday script writers might start putting a spaces between the left angle bracket and the word "script": < scriptIf that ever starts being a problem for you, you might try looking for /scriptinstead or in addition to <script. |