This Web pages is intended for individuals and companies who are concerned about security problems in modern Email readers for Windows 95, 98, and NT operating systems. The page describes specific security problems with the Eudora, Netscape Messenger, and Outlook Express Email readers. The Web page also provides information on how to work-around or solve most of these problems.

Many of these security problems have been introduce in the last year or so with the move to using HTML in Email messages. Unlike ASCII text messages, HTML Email messages can contain rich text and graphics as part of mail message just like Web pages. HTML allows users to create more professional looking Email messages. However, HTML messages can also contain embedded JavaScript programs, Java applets, and ActiveX controls. These embedded programs are automatically executed when an Email message is read. Even though these languages are all considered "safe", there are still many security hazards associated

Backdoors for executing program from Email

Theft of private files using Email

Privacy leaks and Email

Denial-of-service attacks in Email

Miscellaneous

Please send corrections or comments to Richard M. Smith

Last updated Jan. 31, 1999