Securing your E-Mail client – Outlook Express Part 1
Outlook Express Security
In its default installation, Outlook Express is as secure (insecure?) as Internet Explorer, since they are really two different faces of the same core components. It must be said that newer versions of Outlook Express offer some added protection against viruses.
What is the alternative
The alternative would be to use free email clients like Thunderbird and Foxmail or even paid clients like TheBat.If you cannot avoid using OE, follow the tips below to secure it against Malware infiltration.
As with any Microsoft product the foremost recommendation is to be sure you have all the security updates installed.
Send and Receive in plain text only
Further, HTML email allows Malware authors to obfuscate links making them appear legitimate.
Open Outlook Express, click open the Tools menu and click Options to open the configuration window of OE.
In the Read tab check Read all messages in plain text.
Send messages immediately
Uncheck this option, it is available in the Send tab. This will prevent a malicious virus being automatically sent to everyone in your address book by making your outgoing messages to reside in the Outbox folder until you click the Send and Receive button on the toolbar.
Mail Sending Format
This setting configures how your outgoing mail is formatted. Select Plain Text in Mail Sending Format and also uncheck Reply to messages using the format in which they were sent.
Verify that OE uses the Restricted sites zone:
Warn me when other applications try to send mail as me:
This setting is enabled by default. OE warns you when other programs attempt to send messages from your computer.
Do not allow attachments to be saved or opened that could potentially be a virus
Verify this setting is checked. This setting is enabled by default. This setting lets OE block the opening or saving of specific email attachments that might potentially contain a virus.
Outlook Express does not block all attachments indiscriminately. Afterall, some file types simply cannot contain a virus, such as a plain text or image file. To determine if an attachment might potentially contain a virus, Outlook Express checks the attachment's extension (the 3 letters after the filename) and sees if it is on the list of high-risk file types.These are the executable files such as *.exe (executable), *.pif(program information file), *.scr (screen saver), *.vbs (Visual Basic script), and 67 others. If the extension is high-risk, Outlook Express blocks all access to the attachment. If the extension is one of the 16 or so low-risk types, such as *.txt, *.bmp, *.jpg and *.gif, the attachment is not blocked. If the extension is neither high- nor low-risk, it is considered, not surprisingly, medium-risk. Outlook Express will then give you a warning if you try to open the attachment, but will not block it completely.
Block images and other external content in HTML email:
This setting is enabled by default and is necessary if you are viewing your email in HTML format. This will block HTML that is pulled from a remote site when opening the email, striping out web bugs but preserves other HTML content.
Turnoff the Preview Pane
This feature is convenient but it also means web bugs and scripts contained in an email will also run automatically if you are viewing the email in HTML mode.
Click the View menu and click on Layout
Uncheck Show preview pane.
You can also add a toolbar button to quickly turn it on or off. Click on Customize Toolbar button in the layout window and select Preview from the available toolbar buttons and click Add to add the Preview button to your toolbar.
This concludes the Outlook Express Security Tutorial Part 1
|Securing your E-Mail client – Outlook Express Part 2|