TR8
join:2002-12-15
USA | Safe way to read suspicious emails?
Sometimes I get emails that Kaspersky AV disinfects. I get them regularly from Symantec.com. I kind of doubt they would be sending me viruses. Is there a safe way to read suspicious emails? |
|
jaa
Premium,MVM
join:2000-06-13 | I usually read anything suspicious with the "delete" key. |
|
Matt_Day
join:2004-01-07
UK
| reply to TR8
said by TR8  :Sometimes I get emails that Kaspersky AV disinfects. I get them regularly from Symantec.com. I kind of doubt they would be sending me viruses. Is there a safe way to read suspicious emails? Just be aware it is possible to spoof the "from" field of an email header; just because it says its from symantec.com doesn't mean it is.
Make sure your settings in your email client are secured, (if for instance it is Outlook or Outlook Express, set it to run in IE's restricted mode (which prevents scripts from running etc).
As above, I immediately delete any suspicious emails. |
|
anthrorules
Premium
join:2003-09-14
Rollinsville, CO
 ·Qwest.net
 ·IonSKY
| reply to TR8
I typically adjust server-side filtering via SPAM Assassin with my various hosting companies and ISP, which will put nice little levels of SPAM in the subject line, which is my first line of defense, then I use MailWasher Pro to read all emails before downloading it to my computer, and when I do, I have disabled HTML view and also set default Internet zone to Restricted Zone in Outlook settings.
--
ionSKY Wireless ISP - 2.4GHz - 802.11b - 1.0MB/384kbps | Dell Dimension 4550/WinXP Pro/SP2/768MB Ram -- Dell Inspiron 5150/WinXP Pro/SP2/512MB Ram |Kerio Personal Firewall 2.1.5 | NAT Router/Firewall | NETGEAR WGT624v2 Wireless Firewall/Router |
|
rgoings
join:2001-08-07
Fairfax, VA
| reply to TR8
said by TR8 :Sometimes I get emails that Kaspersky AV disinfects. I get them regularly from Symantec.com. I kind of doubt they would be sending me viruses. Is there a safe way to read suspicious emails? I have been using Pine for reading all my spam messages as well as anything else I am unsure about. A free text only mail reader that is fast safe. Check it out at »www.washington.edu/pine/
Russell
--
My group's mission statement - 'You want *what* ? By *WHEN* ?'
-- Simon Burr |
|
Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS
| reply to jaa
said by jaa :I usually read anything suspicious with the "delete" key. DITTO |
|
PavTheMan
join:2002-05-10
UK
clubs:
| reply to TR8
said by TR8 :Sometimes I get emails that Kaspersky AV disinfects. I get them regularly from Symantec.com. I kind of doubt they would be sending me viruses. Is there a safe way to read suspicious emails? In Outlook Express choose File - Properties - Details tab then click the Message Source button. This gives you the mail, including all the headers in plain text.
That's what I do if I'm curious. I'm pretty sure it's safe.
--
No Thanks Fritz, I'll Decide Who To Trust |
|
PavTheMan
join:2002-05-10
UK
clubs:
1 edit | reply to TR8
edit - double post
|
|
Blackbird
Built for Speed
Premium
join:2005-01-14
Fort Wayne, IN
·Verizon Online DSL
| reply to TR8
If one is going to open suspicious eMail, NEVER open it with any form of HTML capability enabled in the browser, as anthrorules has noted, unless the browser involved uses a special, "known-safe" HTML rendering engine (as do ones like Pocomail) - use plain-text only. And one should always make sure the system is off-line at the time of opening the eMail, just to be safest. Of course, any attachments should never be opened either, as long as the message has not been established to be 100% safe.
HTML-triggered exploits and auto-linking ("phoning home") to a website are primary avenues (besides malicious file attachments) for setting oneself up for "unpleasant" experiences in either the virus, malware, or spam realms.
The safest avenue, of course, is simply to delete suspicious messages unopened. But on rare occasions, a message may seem "almost" OK - but not quite... and a closer (but extremely cautious) look might be warranted.
--
If God wanted us to work with electrons, He'd make them big enough to see... |
|
boblandy
Premium
join:2002-05-06
| reply to TR8
said by TR8 :Is there a safe way to read suspicious emails? my incoming email server uses postini, a "preemptive email protection" service. it is wonderful, stopping spam and infected messages on the server side, then notifying me (if i wish) that blocked messages have accumulated in the message center.
i can log in there and view whatever message i like, whether it is virus-ridden or pure spam, and it is sandboxed in a quarantine location so i am not touched by it.
i don't think it is for the individual home user, but it is ideal for small businesses.
i think it is excellent
--
look out kid they keep it all hid |
|
Owlbet
Ignite the Ice
Premium,MVM
join:2002-09-24
Palmer, AK
clubs:
·MTA Online
1 edit | said by boblandy :I don't think it is for the individual home user, but it is ideal for small businesses. My ISP has made it available for home users. I pay a nominal fee of $1.50 per month. It's a good investment for peace of mind.
--
Rocky is, was, and always will be Dawg E. Dawg. |
|
boblandy
Premium
join:2002-05-06
| right, and as a home user, i have it too. but only because my isp makes it available. that's what i meant when i said i don't think it is for the home user. badly worded i guess
it sounds like you like the service. the "slip through" rate is real low... very few pieces of spam make it into my inbox. once in awhile i realize i never received an order confirmation or something else i was expecting, and i open the message center and there it is.
but those instances are few
--
look out kid they keep it all hid |
|
spy1
Welcome to Amerika
Premium
join:2002-06-24
Charlotte, NC
| reply to TR8
My ISP (Comporium) also offers the Postini service (free) to all its' home-users.
I don't use the spam-filtering part (I prefer to deal with my small amount of spam myself due to concerns about something legit being lost/made un-available) - but I can confirm that the A/V service (which is McAfee-based) is top-notch.
My personal A/V (NOD32) hasn't had a chance to catch anything e-mail-related in, well, years. Postini's service catches it all - and I like the fact that you can examine them - or even go ahead and have them delivered as-is - if you like.
I preview all suspect emails using the last version of the free MailWasher (works quite well for me since I only have the one account) - and, of course, OE is set safely anyway. Pete
--
Compaq Presario 7110US, 1.3GHz ThunderBird, 1GB RAM, 160GB HD, WinXP Pro w/SP2, TDS-3, WormGuard, Port Explorer v2.000, Process Guard v.3.150, The Cleaner Pro v.4.1 b.4252, TrojanHunter v.4.1 Build 903, NOD32, XP ICF, ALL javacool programs, SBS&D, SPYCOP |
|
salzan
Experienced Optimist
Premium
join:2004-01-08
WA State
| reply to TR8
I have my system set up with K9>Poptray>Eudora. I can preview messages in Poptray if I really want to. I have K9 set up to only mark messages as spam and a filter in Poptray that sets all those messages as marked for deletion. One click per account and the spam is gone. I have 10 accounts, most on commercial websites, and I can't afford to let filters delete them without previewing at least the header. Nothing unwanted ever makes it to Eudora. |
|
jbob
Reach Out and Touch Someone
Premium
join:2004-04-26
Little Rock, AR | reply to TR8
I just screen all my mail using MailWasher. I can read text and see all the headers and decide whether I need or want it or not. And extra step I know but ah what the heck. Like they say and ounce of prevention is worth a pound of cure. |
|
TR8
join:2002-12-15
USA | reply to TR8
Mailwasher looks good. Thanks for suggestions. |
|
andyv420
join:2005-02-06
2 edits | Here is a simple way: use your Message Source option.
»www.blackviper.com/Articles/OS/E···ter1.htm |
|
garys_2k
join:2004-05-07
Farmington, MI | reply to TR8
I put Outclass on my Outlook at work, it has a "safe view" button that lets you view the source (including all headers) in notepad. Outlook never notices, as it remains classed as Unread. |
|
Curiosity
join:2001-10-01
Dawson Creek, BC | reply to TR8
I read email only as plain text. That way, no scripts or binary files can be executed. I also scan email with Mailwasher. The most effective spam filter I have seen is one that filters by content-type. Most spam is text/html or multipart/*. |
|
madylarian
The curmudgeonly
Premium
join:2002-01-03
Parkville, MD | reply to TR8
Besides opening all mail in plain text only, Pegasus has a nice little "drag and drop" feature that lets me put email in edit mode in notepad without "opening" it.
mady
--
Honi soit qui mal y pense |
|
