marcdrogin-ga:
Thanks for your question about handling suspicious e-mails.
The method you describe is indeed a safe way to view the contents of
an email without the possibility of triggering a dangerous payload.
E-mails are simply text messages containing a lot of extra
information. An e-mail client, like Outlook Express, is able to take
this extra information from the text, and transform it into something
different such as an attachment. Until you allow Outlook Express (or
whichever e-mail client you are using) to do this, however, the
contents of the e-mail are just a collection of text characters.
The ability to view the Message Source is an important one, as it
essentially allows you to view the e-mail as a text message. Since it
is being viewed simply as plain text, no intepreter is running to
transform the extra information into something other than plain text.
So, for example, if there is an attachment, you will simply see in the
source a section of random characters preceded by a header stating the
encoding method used to transform the original binary file into text.
This is partly why it is a good idea not to use the Preview Pane
feature in Outlook Express, as the preview pane will convert any extra
information in the e-mail into attachments or code before displaying
the e-mail; in a case like that, any maliscious attachments or code
will indeed have the potential to run and ruin your day/week/year.
Of special note is how programs like Outlook Express handle the
presence of HTML tags in an e-mail. The standard action taken by
Outlook Express is to treat all HTML as valid, formatting the e-mail
using the HTML for display on your screen. However, the lax security
settings used by Outlook Express means that any dangerous HTML code
will also be intepreted and run; again, a good reason not to use the
Preview Pane. In the View Message Source approach, HTML coding is NOT
interpreted, it is simply displayed as text along with the rest of the
text in the e-mail. This way, you are safe: even if the e-mail
contains dangerous code, no program capable of executing that code
will be run if you simply view the message source.
If you are interested in a high level overview of how e-mail works,
please take a look at the following tutorial:
http://www.mailbox.net.uk/page.php?cid=44
I hope this helps!
aht-ga
Google Answers Researcher |