
	Home > Microsoft Exchange News > Best Practice #8: Just be plain

Microsoft Exchange News:

EMAIL THIS

Best Practice #8: Just be plain

By Richard Luckett
10 Aug 2005 | SearchExchange.com

Digg This!

StumbleUpon

Del.icio.us

For hackers to inject malicious code into the body of an e-mail message, they would need to take advantage of HTML or RTF formatting. If you receive a message and you choose to read the message in plain text, then the malicious code cannot affect you. By default Exchange Server supports both HTML and plain text.

Here's how you configure an Outlook 2003 client to only read messages in plain text:

Go to Tools -> Options.
Click the Preferences tab.
Select the E-mail Options button.
Mark the checkbox for 'Read all standard mail in plain text.'
Now choose the checkbox that says 'Read all digitally signed mail in plain text.'
Click OK twice.

If you want to support HTML, make sure you leave all the 'Automatic Picture Download Settings' in their default enabled state. These settings, which are found in the Security Properties page for Outlook 2003, prevent Web beaconing. Web beaconing is a process that spammers use to identify when someone has opened a spam e-mail they sent.

Only Outlook 2003 and OWA 2003 support this feature. For more information, see Microsoft Knowledge Base article 831608.

Top 10 best practices for securing e-mail clients

Home: Introduction
#1: Patch your clients
#2: Configure antivirus software to scan your e-mail clients
#3: Use anti-malware software
#4: Quarantine attachments
#5: Don't be a sucker
#6: Disable unsigned macros
#7: Use Outlook's Junk E-mail filter or install spam-filtering software
#8: Just be plain
#9: Learn to read (e-mail headers, that is)
#10: Digitally sign and encrypt e-mails

ABOUT THE AUTHOR:

Richard Luckett, Vice President and Senior Consultant, Ajettix Security
Richard Luckett is a Microsoft Certified Systems Engineer on the Windows NT 4.0, 2000 and 2003 platforms and has been certified on Exchange since version 4.0. He is the co-author of Administering Exchange 2000 Server, published by McGraw Hill, and has written four Exchange courses, Introduction to Exchange 2000, and Hands-on Exchange 2003, Ultimate Exchange Server 2003 and Exchange Server 2003 Administrator Boot Camp for Global Knowledge Inc. Richard is currently Vice President and Senior Consultant for Ajettix Security, where he is the head of the Microsoft security practice.

Digg This! StumbleUpon Del.icio.us

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

E-mail Security - Spam Filtering, Anti Virus, Password Management, Exchange Server Permissions

SEARCH

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.


TechTarget Corporate Web Site \| Media Kits \| Site Map All Rights Reserved, Copyright 2004 - 2009, TechTarget \| Read our Privacy Policy