risks of web based attachments

Discussion in 'other security issues & news' started by mikeo1313, Sep 20, 2012.

Thread Status:
Not open for further replies.
  1. mikeo1313

    mikeo1313 Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    108
    Seems a "non-spam" sender's html/attachments to a hotmail account are automatically downloaded.

    Q.1.
    Unless I'm mistaken, an encoded html image on the senders server could get your ip address and attempt to exploit you?

    Q.2.
    I've seen no way to BLOCK ALL attachments and html from being downloaded unless explicitly needed, mail per mail. Hotmail downloads all html & images if the sender is "known". Am I wrong, how can this be corrected?
     
  2. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    Hi, no Att's get DL'd auto to me from HM ! Maybe you should check your settings ? Plus the Att's are already at HM, not being sent directly from the sender. Also you can select to DL as a Zip.

    Re getting your IP via email etc. If you set HM to block images from being auto shown, they can't use that known trick ;) If you trusted the sender, you could then allow images, either always, or per each email :)
     
  3. mikeo1313

    mikeo1313 Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    108
    I've never chose to trust or un trust. The problem with hotmail is if your exchanging emails with a person if they send you a HTML message it opens the html and it seems theres no way around it.

    For example, I've been exchanging email with this one person that has a logo encoded at the end of the messages.

    The message appears as if it has an attachment (paperclip icon), but there isn't a downloadable attachment. Not to be paranoid or anything but the only option I have is to flag the sender as spam, I've seen no way to explicitly block HTML from a specific individual I exchange emails with not to mention the only case for which I don't mind HTML emails are for periodic newsletters.



     
  4. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    Re - HTML messages

    You can select HM to recieve emails in Plain Text, check your settings.

    Re - paperclip icon

    Yes, i've seen that several times too ! Often there is an Att, & it's downloadable as a Zip. It "usually" says so.
     
  5. mikeo1313

    mikeo1313 Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    108
    what I ended up doing is deleting everyone from safe senders list and in the filtering blocked everyone's downloads.
     
  6. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Mine have always had "view content" or some such thing. Even links don't work unless I choose them to. Have used HM for so long I couldn't hazard a guess at just how long it has been this way - but thats how I have always remembered it working.

    Sul.
     
  7. mikeo1313

    mikeo1313 Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    108
    1. without a single person on my safe senders list in hotmail
    2. without having clicked neither show nor download content
    3. without an icon that shows mail has an attachment

    An image inside an email from Obama's campaign loads, though ALL other newsletters I usually/periodically receive now don't after performing steps 1 & 2. (remember, nobody is on my safe senders list)

    Really
     
  8. mikeo1313

    mikeo1313 Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    108
    1. Sign in to your Windows Live Hotmail account.

    2. Click Options, and then click More options.

    3. Under Reading email, click Active View settings.

    4. Under Do you want to see previews?, choose Hide previews

    5. Under Do you want interactive mail?, choose No

    6. Click Save.


    ... resolved issue
     
Loading...
Thread Status:
Not open for further replies.