Concerned said:
I'm concerned about the safety of Auto Preview and Preview Pane.
I've been told that these options automatically open the email messages and
attachments; therefore increasing the possibility of a virus from an email or
attachment.
Is it true that the email and attachments automatically open when using Auto
Preview? Or the Preview Pane?
How does using Auto Preview effect email security?
Sincerely,
Safety depends on WHICH version of Outlook but which you didn't bother
to identify.
The Preview pane renders HTML content (since plain text is not a
security issue) under the Restricted Sites security zone (the default
unless you have changed Outlook's security options). All scripts and
HTML nasties are neutered under that zone.
The prevent the use of web beacons to identify when you have read an
e-mail, Outlook 2003 and later include a security option to block
external content. Outlook 2002 and before don't have this feature.
There is a NoSpyMail add-on that tries to block the use of web beacons
but it doesn't catch them all; for example, using ReadNotify will still
work because .wav files used as web beacons are not caught by NoSpyMail.
The AutoPreview mode shows the first few lines of each e-mail but only
in plain text mode. No security issues there. If you are using OL2002
then disable the Preview pane and instead use AutoPreview to eliminate
the use of web beacons. You then open (double-click on) the e-mails
that you want to read. Of course, unless you have a means of looking at
the raw source of the e-mail then you won't know if web beacons are used
within them. The AutoPreview merely eliminates the automatic use of web
beacons if you are using a version of Outlook that doesn't block
external content (and it is enabled).
