Can virus be sent through an email tool on client's site?

Forum Moderators: phranque

Message Too Old, No Replies

Can virus be sent through an email tool on client's site?

kevinj

6:37 pm on Apr 10, 2004 (gmt 0)

I have a client who has a tool on their site that allows anyone to submit an email address of a friend and then it takes them to a form where they can type a subject and a message and have the email sent through the site's mailserver. My question is, could a virus be sent through this tool? It doesn't allow them to attach files, but maybe in the email body?

Thanks,
Kevin

Alternative Future

9:10 am on Apr 12, 2004 (gmt 0)

Hi kevinj,

I am quite sure you are safe with the procedure you have in place for sending an email. As far as I am led to believe you have to execute something to get the virus on the clients machine i.e. an attachment that contains the virus.

I would be interested in learning if indeed you can infect another pc with just the body of an email.

-George

Leosghost

11:10 am on Apr 12, 2004 (gmt 0)

Depends entirely on what kind of input the form allows and what kind of format the clientside email prog is configured for ....There is a whole pile of stuff you can do without needing to attach it ..

henry0

11:32 am on Apr 12, 2004 (gmt 0)

wasn't one of the last virus auto-exec
just by opening it?

TheDoctor

12:48 pm on Apr 12, 2004 (gmt 0)

It depends on whether the email is sent text-only or as HTML.

You can't get a virus from text. You shouldn't be able to get one from HTML either, but I seem to remember MS having to issue a patch for Outlook because they found that you could.

Get your friend to send the message text only. That way (s)he plays it safe.

Alternative Future

12:55 pm on Apr 12, 2004 (gmt 0)

Yeah I remember the patch from MS relating to that virus, was it not related to the ActiveX component?

-George