[kubuntu-devel] Re: HTML by default in KMail
Jonathan Riddell
jriddell at ubuntu.com
Fri Aug 6 15:04:43 BST 2010
On Fri, Aug 06, 2010 at 09:36:48AM -0400, Mackenzie Morgan wrote:
> On Friday, August 06, 2010 06:28:30 am Jonathan Riddell wrote:
> > KMail has large warnings in it's config box about security problems
> > that might magically appear. I can imagine it would help with
> > phishing. I could also imagine javascript security problems, although
> > I'd hope javascript isn't allowed in Kmail e-mails I could be wrong.
>
> I know of two security problems with HTML email. Well, one security and one
> spam. The security one is, as you said, phishing.
Of course if all e-mails are plain text you're just as likely to fall
for a plain text phishing e-mail.
> The spam one is that on
> some emails there will be transparent gif's that don't show (duh) when you
> open an email but do load from a server with a unique ID so that the sender
> knows whether you're a sucker who opens spam, because then they an spam you
> more.
Remote objects aren't loaded by default, that's another tickbox.
Jonathan
More information about the kubuntu-devel
mailing list