Sandboxie: How important is it to sandbox the mail client?

Discussion in 'sandboxing & virtualization' started by ejr, Mar 20, 2007.

Thread Status:
Not open for further replies.
  1. ejr

    ejr Registered Member

    Joined:
    Nov 19, 2005
    Posts:
    538
    I have tried Sandboxie on and off. I really like running the browser sandboxed. I somewhat want to run the mail client in the sandbox too, but I receive a lot of emails and documents that I must save, making it inconvenient to do so.

    Does spyware spread more through surfing or through email? Am I taking a much larger risk by running my mail client unsandboxed?
     
  2. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,121
    Location:
    Pennsylvania.
    Spyware is gotten more through browsing while viruses are mostly through emails.
     
  3. Bob D

    Bob D Registered Member

    Joined:
    Apr 18, 2005
    Posts:
    1,150
    Location:
    Mass., USA
    I run my browser Sandboxed 97% of the time. Great feeling to surf with impunity. Visit the nastiest sites w/ no residual cookies, history, malware, NOTHING.
    E-mail client, no. Email messages (if read as plain text) are really quite benign.
    Attachments are the only worry (about 85% of all virus infections are vectored through email attachments).
    I manually scan all attachments, and they are all from trusted clients/associates, plus my email server scans them. NEVER open attachments from unknowns (but you already know that).
    Aside from that, read your email as plain text, all should be fine.

    Cheers
     
    Last edited: Mar 20, 2007
  4. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,121
    Location:
    Pennsylvania.
    How do you change your email to text only?
     
  5. KikiBibi

    KikiBibi Registered Member

    Joined:
    Oct 23, 2006
    Posts:
    173
    cheater87,

    You can configure your email client to "display as plain text".
     
  6. Ice_Czar

    Ice_Czar Registered Member

    Joined:
    May 21, 2002
    Posts:
    696
    Location:
    Boulder Colorado
    replied to your original thread before tripping to the request the mods delete it :rolleyes:

    if you think about it, there is really very little difference between them when you have full blown html allowed in the email client, as to which is more dangerous, depends on where you surf and who has your email harvested, as well as how well your ISP is filtering and how good your AV is

    if you set your email client to a text only mode
    html based exploits, hidden javascripts ect cant run

    now Thunderbird has an extension that allows you to select which emails you might want to view as html individually
    https://addons.mozilla.org/thunderbird/1556/

    you could of course preview all your mail in sandboxie (w\ html & javascripts, embedded media ect) and then deal with it for real (delete, file, answer) as text only (for viewing, obviously you can compose mail however you like). ;)

    attachments are of course another matter, especially file extensions that can be spoofed or compromised (in the past this has included .doc .pdf .jpeg)
    as shown by the Storm Worm as well as Dref & Dorf malware is getting repackaged into thousands of signature variants as well. Previewing your inbox virtually allows you to mass delete from the "real" client without even opening the message. (not a 100% cure for all email spread malware but an incrementally better proceedure)
     
Loading...
Thread Status:
Not open for further replies.