[kubuntu-devel] Re: HTML by default in KMail

Jonathan Riddell jriddell at ubuntu.com
Fri Aug 6 15:04:43 BST 2010

On Fri, Aug 06, 2010 at 09:36:48AM -0400, Mackenzie Morgan wrote:
> On Friday, August 06, 2010 06:28:30 am Jonathan Riddell wrote:
> > KMail has large warnings in it's config box about security problems
> > that might magically appear.  I can imagine it would help with
> > phishing.  I could also imagine javascript security problems, although
> > I'd hope javascript isn't allowed in Kmail e-mails I could be wrong.
> I know of two security problems with HTML email.  Well, one security and one 
> spam.  The security one is, as you said, phishing.

Of course if all e-mails are plain text you're just as likely to fall
for a plain text phishing e-mail.

>  The spam one is that on 
> some emails there will be transparent gif's that don't show (duh) when you 
> open an email but do load from a server with a unique ID so that the sender 
> knows whether you're a sucker who opens spam, because then they an spam you 
> more.

Remote objects aren't loaded by default, that's another tickbox.


More information about the kubuntu-devel mailing list