TR8
join:2002-12-15
USA | Safe way to read suspicious emails? Sometimes I get emails that Kaspersky AV disinfects. I get them regularly from Symantec.com. I kind of doubt they would be sending me viruses. Is there a safe way to read suspicious emails? | |
|
 
jaa
Premium,MVM
join:2000-06-13 | Re: Safe way to read suspicious emails? I usually read anything suspicious with the "delete" key. | |
|
 | 
Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS
| Re: Safe way to read suspicious emails? said by jaa  :I usually read anything suspicious with the "delete" key. DITTO | |
|
Matt_Day
join:2004-01-07
UK
| said by TR8 :Sometimes I get emails that Kaspersky AV disinfects. I get them regularly from Symantec.com. I kind of doubt they would be sending me viruses. Is there a safe way to read suspicious emails? Just be aware it is possible to spoof the "from" field of an email header; just because it says its from symantec.com doesn't mean it is.
Make sure your settings in your email client are secured, (if for instance it is Outlook or Outlook Express, set it to run in IE's restricted mode (which prevents scripts from running etc).
As above, I immediately delete any suspicious emails. | |
|
anthrorules
Premium
join:2003-09-14
Rollinsville, CO
 ·Qwest.net
 ·IonSKY
| I typically adjust server-side filtering via SPAM Assassin with my various hosting companies and ISP, which will put nice little levels of SPAM in the subject line, which is my first line of defense, then I use MailWasher Pro to read all emails before downloading it to my computer, and when I do, I have disabled HTML view and also set default Internet zone to Restricted Zone in Outlook settings.
--
ionSKY Wireless ISP - 2.4GHz - 802.11b - 1.0MB/384kbps | Dell Dimension 4550/WinXP Pro/SP2/768MB Ram -- Dell Inspiron 5150/WinXP Pro/SP2/512MB Ram |Kerio Personal Firewall 2.1.5 | NAT Router/Firewall | NETGEAR WGT624v2 Wireless Firewall/Router | |
|
rgoings
join:2001-08-07
Fairfax, VA
| said by TR8 :Sometimes I get emails that Kaspersky AV disinfects. I get them regularly from Symantec.com. I kind of doubt they would be sending me viruses. Is there a safe way to read suspicious emails? I have been using Pine for reading all my spam messages as well as anything else I am unsure about. A free text only mail reader that is fast safe. Check it out at »www.washington.edu/pine/
Russell
--
My group's mission statement - 'You want *what* ? By *WHEN* ?'
-- Simon Burr | |
|
|
|
Blackbird
Built for Speed
Premium
join:2005-01-14
Fort Wayne, IN
·Verizon Online DSL
| If one is going to open suspicious eMail, NEVER open it with any form of HTML capability enabled in the browser, as anthrorules has noted, unless the browser involved uses a special, "known-safe" HTML rendering engine (as do ones like Pocomail) - use plain-text only. And one should always make sure the system is off-line at the time of opening the eMail, just to be safest. Of course, any attachments should never be opened either, as long as the message has not been established to be 100% safe.
HTML-triggered exploits and auto-linking ("phoning home") to a website are primary avenues (besides malicious file attachments) for setting oneself up for "unpleasant" experiences in either the virus, malware, or spam realms.
The safest avenue, of course, is simply to delete suspicious messages unopened. But on rare occasions, a message may seem "almost" OK - but not quite... and a closer (but extremely cautious) look might be warranted.
--
If God wanted us to work with electrons, He'd make them big enough to see... | |
|
boblandy
Premium
join:2002-05-06
| said by TR8 :Is there a safe way to read suspicious emails? my incoming email server uses postini, a "preemptive email protection" service. it is wonderful, stopping spam and infected messages on the server side, then notifying me (if i wish) that blocked messages have accumulated in the message center.
i can log in there and view whatever message i like, whether it is virus-ridden or pure spam, and it is sandboxed in a quarantine location so i am not touched by it.
i don't think it is for the individual home user, but it is ideal for small businesses.
i think it is excellent
--
look out kid they keep it all hid | |
|
| 
Owlbet
Ignite the Ice
Premium,MVM
join:2002-09-24
Palmer, AK
clubs:
·MTA Online
1 edit | Re: Safe way to read suspicious emails? said by boblandy :I don't think it is for the individual home user, but it is ideal for small businesses. My ISP has made it available for home users. I pay a nominal fee of $1.50 per month. It's a good investment for peace of mind.
--
Rocky is, was, and always will be Dawg E. Dawg. | |
|
| | boblandy
Premium
join:2002-05-06
| Re: Safe way to read suspicious emails? right, and as a home user, i have it too. but only because my isp makes it available. that's what i meant when i said i don't think it is for the home user. badly worded i guess
it sounds like you like the service. the "slip through" rate is real low... very few pieces of spam make it into my inbox. once in awhile i realize i never received an order confirmation or something else i was expecting, and i open the message center and there it is.
but those instances are few
--
look out kid they keep it all hid | |
|
spy1
Welcome to Amerika
Premium
join:2002-06-24
Charlotte, NC
| My ISP (Comporium) also offers the Postini service (free) to all its' home-users.
I don't use the spam-filtering part (I prefer to deal with my small amount of spam myself due to concerns about something legit being lost/made un-available) - but I can confirm that the A/V service (which is McAfee-based) is top-notch.
My personal A/V (NOD32) hasn't had a chance to catch anything e-mail-related in, well, years. Postini's service catches it all - and I like the fact that you can examine them - or even go ahead and have them delivered as-is - if you like.
I preview all suspect emails using the last version of the free MailWasher (works quite well for me since I only have the one account) - and, of course, OE is set safely anyway. Pete
--
Compaq Presario 7110US, 1.3GHz ThunderBird, 1GB RAM, 160GB HD, WinXP Pro w/SP2, TDS-3, WormGuard, Port Explorer v2.000, Process Guard v.3.150, The Cleaner Pro v.4.1 b.4252, TrojanHunter v.4.1 Build 903, NOD32, XP ICF, ALL javacool programs, SBS&D, SPYCOP | |
|
salzan
Experienced Optimist
Premium
join:2004-01-08
WA State
| I have my system set up with K9>Poptray>Eudora. I can preview messages in Poptray if I really want to. I have K9 set up to only mark messages as spam and a filter in Poptray that sets all those messages as marked for deletion. One click per account and the spam is gone. I have 10 accounts, most on commercial websites, and I can't afford to let filters delete them without previewing at least the header. Nothing unwanted ever makes it to Eudora. | |
|
jbob
Reach Out and Touch Someone
Premium
join:2004-04-26
Little Rock, AR | I just screen all my mail using MailWasher. I can read text and see all the headers and decide whether I need or want it or not. And extra step I know but ah what the heck. Like they say and ounce of prevention is worth a pound of cure. | |
|
TR8
join:2002-12-15
USA | Mailwasher looks good. Thanks for suggestions. | |
|
| |
| |
TR8
join:2002-12-15
USA
| Re: Safe way to read suspicious emails? I use Outlook 2002 and the only way I could read an email in plain text was to open it first and then switch. This link took me to a microsoft Service pack and then a registry patch so now when I open an email it automatically is in plain text. thanks, Andy. | |
|
garys_2k
join:2004-05-07
Farmington, MI | I put Outclass on my Outlook at work, it has a "safe view" button that lets you view the source (including all headers) in notepad. Outlook never notices, as it remains classed as Unread. | |
|
Curiosity
join:2001-10-01
Dawson Creek, BC | I read email only as plain text. That way, no scripts or binary files can be executed. I also scan email with Mailwasher. The most effective spam filter I have seen is one that filters by content-type. Most spam is text/html or multipart/*. | |
|
madylarian
The curmudgeonly
Premium
join:2002-01-03
Parkville, MD | Besides opening all mail in plain text only, Pegasus has a nice little "drag and drop" feature that lets me put email in edit mode in notepad without "opening" it.
mady
--
Honi soit qui mal y pense | |
|
| andyv420
join:2005-02-06 | Re: Safe way to read suspicious emails? Did you guys the read the Black Viper article link?
Also, I rather much prefer to use Groupwise from Novell. I use it at work, and its more powerful and stable than Outlook series. | |
|
jackal9er
join:2005-03-05
50016
3 edits | said by TR8 :Sometimes I get emails that Kaspersky AV disinfects. I get them regularly from Symantec.com. I kind of doubt they would be sending me viruses. Is there a safe way to read suspicious emails? Make sure you disable the return recipt option in your e-mail program otherwise a malicious attacker will know your address works he'll send you many virus/trojan in hopes that one of them will make it through your security screens or he might send you a flood of spam then you'll never get rid of him and his friends.
Just delete the message if somebody wants to talk to you
there is the telephone or fax which is just as good..... | |
|
keith2468
Premium,MVM
join:2001-02-03
Winnipeg, MB
| With MSOE (Outlook Express), you go to the mail selection panel, right click the mail concerned, select Properties, select Details, and select Message Source. Maximize the window that appears.
You will now be looking at the raw text that makes up the email.
- What does Kaspersky say that these emails from Symantec contain?
- And do the emails have attachments?
--
(Virus&Hijacking FAQ + Submit suspected malware + Backups FAQ + Security FAQ TOC) | |
|
|
TR8
join:2002-12-15
USA
| Re: Safe way to read suspicious emails? said by keith2468 :With MSOE (Outlook Express), you go to the mail selection panel, right click the mail concerned, select Properties, select Details, and select Message Source. Maximize the window that appears. You will now be looking at the raw text that makes up the email. - What does Kaspersky say that these emails from Symantec contain? - And do the emails have attachments? In Outlook 2002 when I right click there is no Properties, just Options. After updating and a registry patch I can now look at the plain text. This is a quote:
"The sample file you sent contains a new virus version of buppa.k. Please update your virus scanner with the attached dat file."
Best Regards,
Keria Reynolds
I never sent them a sample file. I have never had a subscription to Norton or Symantec. The email had an attachment and Kaspersky said it was infected with a virus email worm Win32.Netsky.q | |
|
| | Mele20
Premium
join:2001-06-05
Hilo, HI
| Re: Safe way to read suspicious emails? That's obviously not coming from Symantec rather the address is spoofed. Just delete any future ones immediately. Too bad your ISP doesn't scan all incoming email as their scanner would catch this and strip the attachment before forwarding the now harmless email to you.
Like others here, I have OE set to plain text only. Even then any suspicious email gets read by my right clicking on the highlighted email in the inbox and choosing properties. My ISP uses Symantec corporate to scan all incoming and outgoing email so I probably don't need to take these extra precautions, but you can't be too safe.
You could also get an email account here. All incoming mail is scanned by Kaspersky and the infected attachments are stripped.
--
The first and foremost function of our jurors is to protect private citizens from a tyrannical and intrusive government...Jurors are the last line of defense for liberty. Thomas Jefferson 1789 | |
|
| | | andyv420
join:2005-02-06 | Re: Safe way to read suspicious emails? I have used Kerio Mail Server 6 for my Exchange mail server. It works just great. It filters all infected messages before it even gets through my PC workstations. | |
|
|
bcool
Premium
join:2000-08-25
The Ozarks
| For several years now I've used Popcorn
»www.ultrafunk.com/products/popcorn/
I preview all my e-mail on my ISP's server and only a select few get to ever touch down on my hard drive. Consequently, OE tends to gather dust in my house.
--
"in flagrante delicto" | |
|
richtig
Music Is Emotion
Premium
join:2003-02-19
Australia
clubs:
| A simple and safe way to look at an email is to export it (or perhaps drag it) to the desktop, then rename it as a .txt file. Ignore any warning about changing file types.
Now, you can open it in Notepad, and search around all you like. As long as the file remains as pure non-executable text it can not harm anything.
--
We are the music makers,We are the dreamers of dreams.Arthur William Edgar O'Shaugnessy | |
|
| andyv420
join:2005-02-06
1 edit | Re: Safe way to read suspicious emails? Thats what I do...sort of.
You see, I read all emails only in plain text, but, since I do not run the real-time scanning, I take the attachment and download it onto my desktop and then manually use the "Scan with AVG" or whatever AV with it and then open the file.
But your idea is much more superb... | |
|
|
|
|
