How to control the downloading of email attachments or other harmful content in Outlook Express
I am frequently asked about securing the Outlook Express email client. One of the recurring questions is "why can't I receive file attachments in my email?"
Answer:
The default security setting for Outlook Express is to block file attachments. To allow attachments to be downloaded and opened click on the menu item "Tools" then on Options > Security, and UNCHECK the option labeled "Do not allow attachments to be saved or opened that could potentially be a virus."
What do the other security options control and what effect do they have on my email capabilities?
Virus Protection
"Select the Internet Explorer security zone to use:"
I would recommend selecting the radio option to use the Restricted sites zone(More secure), as it will disable some common exploit codes used by viruses, and spyware distributers. By reading email in the Restricted sites zone you prevent tracking cookies from loading, Javascript from running, and cloaked links to phishing sites will reveal their true destination when you hover the mouse over them.
"Warn me when other applications try to send email as me." This will alert you if a Worm gets onto your computer and starts sending out mass spam or virus infected emails that appear to come from you. While this won't catch more sophisticated email sending exploits (using their own SMTP engine), it may stop some exploits from going out with your return address in them. Always select this option.
Download Images:
"Block images and other external content in HTML e-mail."
If you select this option you will not be able to view images in your email. It also prevents tracking gifs, sound files, and flash ads from loading when you open an email. This pretty much cripples 80% of the email you may want to receive, in return for blocking images and tracking gifs in a small percentage of unsolicited commercial email (spam). I personally do not check this option.
The other options only apply to people who maintain digital ID certificates, to apply them when sending or receiving messsages. Most of us don't use any of those options.
After you have checked or unchecked your desired settings click Apply to save them, then OK to close the options window.
You can further secure Outlook Express against security exploits by TURNING OFF the PREVIEW PANE. To do this, with Outlook Express open, go to VIEW > LAYOUT > PREVIEW PANE, and UNCHECK "Show preview pane." Click Apply to save, then OK to exit.
The impact of this selection it that all email will appear in a list from top to bottom, just showing the From, Subject, and other fields you have chosen to view, but not the contents of any messages. To open an email you must double-click on it in the list. This tiny inconvenience helps protect you against code exploits that are not otherwise covered by the other security settings. I strongly recommend turning off the preview pane in Outlook Express!
If you haven't already done so, get a decent anti-virus program that scans incoming and outgoing emails, for viruses and other embedded, or attached threats. If you can't afford to purchase a commercial program there are plently of decent free ones available for downloading. I personally use AVG Free, not because I can't afford a commercial program, but because of it's relatively small impact on system resources (called small footprint in geek talk). You can download the current version from http://free.grisoft.com. AVG Free can be set to automatically check for and apply updates in certain 2 hour time-frames. If you are always online at a certain time of the day or night, set it to check for updates after you first go online. It can also check manually by right-clicking on the AVG System Tray Icon and selecting Check For Updates.
If you like this article please share it.
The content on this blog may be reprinted provided you do not modify the content and that you give credit to Wizcrafts and provide a link back to the blog home page, or individual blog articles you wish to reprint. Commercial use, or derivative work requires written permission from the author.