How much risk does allowing remote content in email messages pose?
Asked by
ETpro (
34605
)
July 11th, 2010
My computer is behind a router and I run up-to-date Norton AV. I just recently switched from an aging copy of Eudora 7 to the new Mozilla open source project Penelope (Eudora OSE). My old Eudora 7 loaded images and external content. As far as I know, that never resulted in any viruses getting on my system. The new Beta version of Eudora OSE by default blocks all external content. The result is that much of the email I receive is virtually unreadable, being HTML email with half its content in external images. How much infection risk do I take on if I tell Eudora OSE to display external content?
Observing members:
0
Composing members:
0
7 Answers
I feel fairly safe behind and router and with current anti-virus software. I am cautious about what I open but I worry less about what my e-mail program displays. I am much more careful about external content from senders I have no reason to trust. I hope this answer is helpful.
If Norton scans attachments, I think there is not much risk of viruses.
But here is another reason to turn off external content – spam senders put a hit counter on the content, and they can confirm that you are a live prospect who looks at their incoming messages. So it’s worthwhile to spam you again.
I prefer to to enable external content & images by sender. I haven’t used Eudora, but I would guess that’s an option. In my mail program I can click on something like “Always display images from SomeRetailersPromoDept@someretailer.com”
The only real risk I can see is that spammers can tell if your email address is valid when your email client downloads those external images.
Risk of infection I think is virtually nil.
I use gmail and by my specified default it does not load images and other external content. If I know the sender or if it is a sender I am specifically interested in [maybe sought contact with] I will open the additional content.
Thanks, all. @jaytkay I figured out how to authorize loading of remote content for specified senders, and am turing them on one by one. It’s great not to load images in spam.
Not safe. Your anitivirus will catch any malicious content, like rogue ActiveX controls, but letting something as simple as a web bug get through can cause you grief in terms of the amount of spam email you’ll get as a result. Don’t allow active content or images even if the email appears to be from a source you trust.
Remote content being embedded HTML? It’s the same risk as any other webpage. This very website, Fluther, poses the same risk to you… but you trust Fluther. By the same measure, if you allow remote content in an email, you are trusting the email sender.
Did the email arrive from your family or from a company you know and trust? Then allow it. Did the email arrive from a random stranger you have never heard of before? I think you know where I’m going with this.
MANY email clients, and most webmail clients, will strip out dangerous HTML (Java, activex, flash, etc) though.
Answer this question 
This question is in the General Section. Responses must be helpful and on-topic.
Composing members:
0
