email security?

Doug dmcgarrett at optonline.net
Sun Apr 8 01:20:09 UTC 2018


On 04/07/2018 06:29 PM, Peter Flynn wrote:
> On 07/04/18 22:30, Jim wrote:
>> I run thunderbird on various flavors of Ubuntu in text mode.
>>
>> Is there any risk in just opening a suspicious email using thunderbird
>> in Ubuntu?
> I don't know for sure, because I don't know what holes there are in
> Thunderbird, so I avoid opening dodgy emails in it, even though I have
> it set NOT to use HTML.
>
>> If there is risk does using text mode mitigate it any?
> It depends what you mean by text mode -- that is, what mail application?
> If you use UCB Mail, I'd say zero risk, as there isn't any kind of API
> that a virus could latch onto AFAIK. Probably the same applies to mutt,
> elm, pine, etc.
>
>> Would opening it in print preview make it less risky?
> No, probably worse, as that will invoke PDF or other graphics libraries,
> all of which have had known vulnerabilities.
>
> Personally I just delete suspicious emails on arrival (those that
> procmail hasn't already trashed).
One note here: Do not open any email that purports to come from any 
financial institution!
And it may be useful to forward it to *abuse@(financial 
institution).com* because many of those
financial institutions will attempt to track down and stop those emails. 
They are *all* phishing
expeditions!

--doug
>
> It's very unlikely that anyone I deal with would send anything other
> than plain text, and the few who might have to use O365 know better than
> to send me HTML email or OLE embedded features.
>
> Anyone genuinely trying to contact me for the first time, and sending a
> message which looks suspicious, will just have to try another way.
>
> If it might be really, really important, right-click the message and
> pick Save As... and save it as a file somewhere. Then open it with a
> plaintext editor (eg Emacs, vi, gedit, etc). You will at least be able
> to see and examine all the headers for evidence of dodgy origins, and to
> see if it contains plain text in the message body. If the entire message
> looks like hexadecimal, with no readable text at all, then it's been
> sent from a system that leaves no plaintext copy, which I would avoid.
>
> ///Peter
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20180407/c58e443f/attachment.html>


More information about the ubuntu-users mailing list