Email Guides and Essays
by Kaitlin Duck Sherwood,
including Top Ten Tips for Overcoming Email Overload


About Overcome Email Overload with Eudora 5

About Overcome Email Overload with Microsoft Outlook 2000 and Outlook 2002

Buy a book!

Frequently asked questions

Press room

About Kaitlin Duck Sherwood

World Wide Webfoot Press home

Getting Rid of Dangerous Messages

by Kaitlin Duck Sherwood

Get Rid of (Some) Dangerous Viruses by Filtering on iframe src=cid:

There are a number of viruses now that exploit a weakness in programs that share code with Internet Explorer. This includes Outlook, Outlook Express, and Eudora for Windows in its standard configuration.

Those email programs will automatically open a new frame when they see the HTML text 

	<iframe src=something>
and they will process whatever the something is. If the something is an attachment, they will execute the attachment. Ooops. This means you don't have to click on the attachment in order to infect yourself.

Below, I show how to avoid some dangerous messages -- but you should still have a good virus checker. My strategy gives you a little more protection from viruses that are so new than your anitivirus software doesn't know about them yet.

Eudora

If you use Eudora, you can get rid of the problem by using Eudora's built-in HTML viewer instead of using Internet Explorer's HTML viewer.
  1. Select Tools -> Options... -> Viewing Mail.
  2. Uncheck the box next to Use Microsoft's viewer.

Eudora's built-in viewer sometimes doesn't display HTML pages quite as nicely as Microsoft's viewer, but that seems a small price to pay for improved virus resistance.

You can also quarantine iframe messages, as I describe in the next section.

Outlook or Outlook Express

Outlook Express for the Mac will let you do this, but Outlook Express for Windows and Outlook 2002 rules can't "see" HTML tags, so you can't find "iframe" messages.

I was sure that I had tested this on Outlook, but it doesn't work on Outlook 2002 -- so maybe this works with Outlook 2000. If you try this on Outlook 2000, please let me know what you find.

Create a rule to move messages that contain 

	iframe
(in the body of the message) a quarantine folder. (Make sure that the Preview Pane is turned OFF in the quarantine folder!!!!!) Then, every once in a while, look through the quarantine folder and delete anything you don't recognize.

Note that there are a FEW legitimate messages that use iframe. In particular, if you email a Yahoo News story to a friend, that ends up with an iframe. If you get a lot of news stories, you could modify your rule so that if the message is from refertofriend@reply.yahoo.com, don't process it.

You can also make the rule more specific by looking for 

	<iframe src=cid:
instead of 
	iframe
That will only find messages that execute an attachment that was sent with the message.

Get Rid of Pop-Ups by Filtering On SCRIPT

Again, Eudora and Outlook Express for the Mac can do this, but Outlook 2002 (and maybe 2000) and Outlook Express for Windows cannot.

Javascript can also do a lot of annoying things, including popping up windows. You can set up a rule (aka filter) to quarantine messages with 

	<script
in the body of the message (Don't just look for 
	script
or this rule will catch the message from the Hollywood agent who wants to make a movie about your life!)

Note: Someday script writers might start putting a spaces between the left angle bracket and the word "script": 

	< script
If that ever starts being a problem for you, you might try looking for 
	/script
instead or in addition to <script.