[pmmail-list] HTML mail again (was: PMMail 2000 Update)

xavier caballe pmmail-list@blueprintsoftwareworks.com
Thu, 30 May 2002 00:41:05 +0200 

>First, my biggest problem with HTML mail is that it is mis-used so
>My coworkers were warned against HTML mail because when we got
>Outcrook they went wild.  File sizes exploded as images were
>included, etc.  Even my lame IT department is worried about HTML
>mail, albeit for many wrong reasons.

There are two different concepts on this: HTML is one thing, and I do
believe is not bad 'per se'... and the other thing is Outlook. There're
some security flaws on Outlook, but the problem is not with HTML but wit=
h
design mistakes. Most of the Outlook problems are consequence of design
failures and because Microsoft's people did choose the worst option when=

they had a dilemma. For Microsoft, security was not an issue on the desi=
gn
stage for Outlook.

To say this in another way: most of the security flaws on Outlook are no=
t
due because they're allow the use of HTML on mail content. The main
problem with Outlook is its bad design and no taking security as a prima=
ry
requirement. HTML is just a way for exploit these security flaws. I thin=
k
most people on this list doesn't understand this difference, that for me=

it's obvious... 

>Third, I don't know about y'all, but I am getting a ton of these
>stupid 120K HTML virus messages.  I mean, one account gets a dozen or
>more of these every day.  I'm getting these because the popularity of
>HTML mail has made it possible.

I don't get any... or just a few. I have an antivirus running on my own
mail server (a Linux box running sendmail with amavis), so most of this
junk mail doesn't arrive to my POP account. 

>the current PMMail provides.  If PMMail becomes like Outsnook, I'll
>likely stop using it.  If support is more limited, I'll be satisfied.

Of course, I agree with you... it PMMail does not take security (and
privacy) as a priority, I'll also stop using it.

Xavi
---
http://www.quands.info
Portal de seguretat inform=E0tica en catal=E0




- pmmail-list - The PMMail Dicussion List ---------------------------
To POST to the list, send your message to:
pmmail-list@blueprintsoftwareworks.com

To UNSUBSCRIBE, send a message to mdaemon@bmtmicro.com with the first 
line of the message body being...
UNSUBSCRIBE pmmail-list@blueprintsoftwareworks.com
---------------------------------------------------------------------