Prev: Problem when moving attachment folder
Next: Error Message When Opening Attachments in E-Mail
From: jw on 15 Mar 2010 06:12
Naturally, when Eudora 'checks mail', any incoming e-mails are
shown. I always thought that if I simply scanned a text 'preview',
but did not actually 'open' an e-mail, and deleted any that I didn't
trust, then I was safe from any virus present in the e-mail and its
attachments.

I did some tests, and find that attachments are stored in my hard
drive Eudora folders even for unopened e-mails. Therefore my
assumptions of safety seem to be wrong.

Is this correct? Or am I missing some Eudora setting that would
provide the safety net I thought I had all along?

Thanks

Duke
From: Stan Bischof on 15 Mar 2010 09:38
jw(a)eldorado.com wrote:
> Naturally, when Eudora 'checks mail', any incoming e-mails are
> shown. I always thought that if I simply scanned a text 'preview',
> but did not actually 'open' an e-mail, and deleted any that I didn't
> trust, then I was safe from any virus present in the e-mail and its
> attachments.
>
> I did some tests, and find that attachments are stored in my hard
> drive Eudora folders even for unopened e-mails. Therefore my
> assumptions of safety seem to be wrong.
>
> Is this correct? Or am I missing some Eudora setting that would
> provide the safety net I thought I had all along?
>

First thing to do if you really want to be safe is to NOT
run as an administrator. That way even if you were to download
and run malware, there's very little it could do to your system.

From within Eudora one of the best tools is to limit
the size of your downloads. If your initial download setting is
around 10k the vast majority of malware will be scuttled
since that is too small for most. At that point about all that is
left is HTML links-- and you of course know to always verify
links before following them, right?

You can of course download larger legit messages after you manually
select them.

lots more of course, like good firewall, but these are some
of the most important things you can do to be safe.

Stan
From: jw on 15 Mar 2010 10:17
On 15 Mar 2010 13:38:54 GMT, Stan Bischof
<stan(a)newserve.worldbadminton.com> wrote:

>First thing to do if you really want to be safe is to NOT
>run as an administrator. That way even if you were to download
>and run malware, there's very little it could do to your system.
>
>From within Eudora one of the best tools is to limit
>the size of your downloads. If your initial download setting is
>around 10k the vast majority of malware will be scuttled
>since that is too small for most. At that point about all that is
>left is HTML links-- and you of course know to always verify
>links before following them, right?
>
>You can of course download larger legit messages after you manually
>select them.
>
>lots more of course, like good firewall, but these are some
>of the most important things you can do to be safe.
>
>Stan

Thanks for response, Stan.
I'm with you all the way except when you say to download larger legit
messages after you manually select them. I don't know how to
manually select particular messages on my Verizon without downloading
them. IOW I always thought Eudora only chose to accept based on size
and nothing else.

Duke
From: Stan Bischof on 15 Mar 2010 10:31
jw(a)eldorado.com wrote:
> On 15 Mar 2010 13:38:54 GMT, Stan Bischof
> <stan(a)newserve.worldbadminton.com> wrote:
>
>
> Thanks for response, Stan.
> I'm with you all the way except when you say to download larger legit
> messages after you manually select them. I don't know how to
> manually select particular messages on my Verizon without downloading
> them. IOW I always thought Eudora only chose to accept based on size
> and nothing else.
>

What happens is that Eudora will download the specified amount- then
flag the message as incomplete. Quite nice actually. You can
then look at the message header and whatnot and choose if you
want to download the rest.

10k seems about right for me as almost no malware is smaller than that,
but you are of course free to adjust the size as needed in your case.

Stan
From: John H Meyers on 15 Mar 2010 10:47
On 3/15/2010 5:12 AM:

> I did some tests, and find that attachments are stored in my hard
> drive Eudora folders even for unopened e-mails. Therefore my
> assumptions of safety seem to be wrong.

"Storing" does not "Run," "Open," or "Execute" anything.

Setting the two "Launch" options in "Extra Warnings" will warn you
if you try to open any executable file in classic Eudora's
attachment folder, even while Eudora is not running!

"Delete Attachments when Emptying Trash" will automatically delete
the attachments of any message that you trash.

If you were to go ahead and click to open any attachment,
in any other email program. then they would also open,
so the idea that you are not just "a click away"
from opening any attachment with _any_ program is mistaken.

Eudora actually has not only the above extra warnings,
but the fact that attachments are extracted upon downloading
gives your anti-virus program an immediate opportunity
to detect known viruses at once, whereas they may sit
undetected when using other programs.

For Thunderbird, which did not originally extract attachments
upon downloading, user clamor has produced easier-than ever
separation of the attachments, and many have also installed
a wildly popular "Attachment Extractor" extension, to get
the very same functionality which you are leery of in classic Eudora!

Just for amusement, take a look at the name of its author:
http://www.eviljeff.com/?page=moz-extensions

https://addons.mozilla.org/en-US/thunderbird/addon/556
tells us that this extension is approaching 300,000 downloads to date.

https://addons.mozilla.org/en-US/thunderbird/addon/556/developers
tells us that it doesn't yet even have the ability
to auto delete detached files when the email is deleted.

As they say, "the grass is always greener on the other side of the fence,"
and most notions of what's good or bad, or why, are based largely
on subjective feelings, often not fully thought out,
unfortunately even in the voting booth.

--
 |  Next  |  Last
Pages: 1 2 3
Prev: Problem when moving attachment folder
Next: Error Message When Opening Attachments in E-Mail