On 21 Mar 2000, at 12:30, Doug Simmons <[log in to unmask]>
wrote:

> At 3/21/00 04:37 AM +0200, Uzi Paz wrote:
>
> >Most of the e-mail messages do not contain executable attachments,
> >and thus if you set your e-mail program not to open such attachments
> >automatically (most of the e-mail programs can be set that way), then
> >you only have to scan those who have attachments, (and this is a
> >minority of the messages).
>
> A follow-up question about Email and viruses for my information.  What are
> the possibilities of code embedded in an html encoded email executing when
> displayed in a preview pane of an Email reader?  Not being a web author, I
> am not familiar with what code could be embedded in an html email that
> would be executed.  Can ActiveX code be imbedded in an HTML page?

Yes, and so Java, although ActiveX is considered as having more
security holes.

I would turn ActiveX off even if it is claimed as safe.
What are the chances that I would get a legitimate message with
ActiveX controls in it?
None of my friends/correspondents will bother to do such a thing. In all
the mailing lists I am subscribed to, it will be considered as highly
unethical.
I guess that the only sources, where I can get such messages are
spammers, and e-mail viruses. I need none of them.
Maybe in the future, I wouldn't be able to say such a thing, and it would
be reasonable to expect that from time to time such messages will
come also from legitimate sources. Until then I prefer to turn the whole
thing off (the same for Java applets).

Uzi

             Do you want to signoff PCSOFT or just change to
                    Digest mode - visit our web site:
                    http://nospin.com/pc/pcsoft.html