Email inline HTML a security risk?

         

Tonearm

6:21 pm on Dec 7, 2003 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



I'm using Horde IMP for my email front end. It disables inline viewing of HTML by default. The FAQ explains that it is a security risk due to potential ActiveX and JavaScript components, and recommends not enabling it. What I don't understand is how enabling that opens you up to any more risk than browsing the web. Is the problem that the components are being executed on my mail server instead of someone else's system?
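As an added illustration (not part of the thread and not Horde IMP's code), here is a check a webmail front end could run before showing an HTML part inline: it scans a constructed message for the script and component markup that the FAQ's warning refers to. The tag list, the sample message and the names `ActiveContentFinder` and `scan_message` are assumptions made for this example.

```python
from email import message_from_string
from html.parser import HTMLParser
# Assumed denylist for illustration; it is not Horde IMP's own list.
ACTIVE_TAGS = {"script", "object", "embed", "applet", "iframe"}

# Constructed sample message, not taken from the thread.
SAMPLE = """\
Content-Type: multipart/alternative; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Hello in plain text.
--b1
Content-Type: text/html; charset="utf-8"

<html><body onload="track()"><p>Hello</p>
<script>document.title = "x";</script>
<object classid="clsid:00000000-0000-0000-0000-000000000000"></object>
<a href="javascript:void(0)">link</a></body></html>
--b1--
"""

class ActiveContentFinder(HTMLParser):
    """Records markup a browser would run or load as a component."""
    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag in ACTIVE_TAGS:
            self.findings.append(f"<{tag}> element")
        for name, value in attrs:
            url = (value or "").strip().lower()
            if name.startswith("on"):
                self.findings.append(f"{name} handler on <{tag}>")
            elif name in ("href", "src") and url.startswith("javascript:"):
                self.findings.append(f"javascript: URL in {name} of <{tag}>")

def scan_message(raw):
    """Return active-content findings for every text/html part of a message."""
    findings = []
    for part in message_from_string(raw).walk():
        if part.get_content_type() != "text/html":
            continue
        charset = part.get_content_charset() or "utf-8"
        finder = ActiveContentFinder()
        finder.feed(part.get_payload(decode=True).decode(charset, "replace"))
        findings.extend(finder.findings)
    return findings
```

A denylist scan like this only flags constructs it already knows about; a front end that does render HTML inline needs an allowlist sanitizer rather than this check.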

TryAgain

11:33 am on Dec 9, 2003 (gmt 0)

10+ Year Member



"What I don't understand is how enabling that opens you up to any more risk than browsing the web."

I think that's the idea: HTML is potentially more dangerous than plain text.

"Is the problem that the components are being executed on my mail server instead of someone else's system?"

Have not heard of this, but I'm no security expert.

Nova Reticulis

12:26 pm on Dec 9, 2003 (gmt 0)

10+ Year Member



I'm doing a cooler thing. All incoming HTML email for my mailbox is rejected with a notice that contains explicit language and is unsuitable for minors.