osdir.com


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

email security?


On 07/04/18 22:30, Jim wrote:
> I run thunderbird on various flavors of Ubuntu in text mode.
> 
> Is there any risk in just opening a suspicious email using thunderbird
> in Ubuntu?

I don't know for sure, because I don't know what holes there are in
Thunderbird, so I avoid opening dodgy emails in it, even though I have
it set NOT to use HTML.

> If there is risk does using text mode mitigate it any?

It depends what you mean by text mode -- that is, what mail application?
If you use UCB Mail, I'd say zero risk, as there isn't any kind of API
that a virus could latch onto AFAIK. Probably the same applies to mutt,
elm, pine, etc.

> Would opening it in print preview make it less risky?

No, probably worse, as that will invoke PDF or other graphics libraries,
all of which have had known vulnerabilities.

Personally I just delete suspicious emails on arrival (those that
procmail hasn't already trashed).

It's very unlikely that anyone I deal with would send anything other
than plain text, and the few who might have to use O365 know better than
to send me HTML email or OLE embedded features.

Anyone genuinely trying to contact me for the first time, and sending a
message which looks suspicious, will just have to try another way.

If it might be really, really important, right-click the message and
pick Save As... and save it as a file somewhere. Then open it with a
plaintext editor (eg Emacs, vi, gedit, etc). You will at least be able
to see and examine all the headers for evidence of dodgy origins, and to
see if it contains plain text in the message body. If the entire message
looks like hexadecimal, with no readable text at all, then it's been
sent from a system that leaves no plaintext copy, which I would avoid.

///Peter