Heidi wrote:

> As I have seen here on the list that some do not recommend that
> Outlook or Outlook Express be used for e-mail due to security holes, I
> would appreciate recommendations.
>

Other people have gone over some of the many security issues involved in this architecture. While I agree with these analyses, it is unlikely that Heidi can respond to all of them in a timely fashion. Here's my shopping list of things that can be done quickly, sorted in priority-order of "bang for the buck":

1. Change mail client from MS Outlook to ANYTHING else. It doesn't matter what you choose, it will be better than Outlook for security. Why? Because, apart from being the target of choice for virus hackers everywhere, Outlook eagerly executes vbscript in mail attachments, making it all too easy to craft e-mail virii that self execute as soon as Outlook's preview pane sees the e-mail. Any alternate mail client is better. Some practical choices for Windows desktop users are:

   * Eudora: as others have pointed out, Eudora uses IE to render HTML mail. I THINK (but I'm not sure) that you can get it to use Netscape or Mozilla instead if those are installed as the browser of choice.
   * Netscape, Mozilla: these browsers come with nice mail clients. It's what I'm typing this note on. They do not have the security problems that Outlook has.
   * TheBat: lesser known, but growing in popularity.

2. Dump Hotmail: As others have said, involving 3rd party servers in the transmission of confidential info is a bad idea, and using Hotmail is a particularly bad idea. Keep all e-mail with confidential content on servers and clients that you can control. And then make sure you control them :-)

3. Put a virus scanner on your mail servers. I'm sure Jimmy can help you with that :-)

4. Make virus scanners mandatory on client workstations. Make updating the virus profiles at least weekly mandatory on these workstations.

5. Make "personal firewalls" mandatory on these client workstations. These products are not perfect, but they are quite likely to detect hanky panky on the client workstations that involves exporting private data.

Crispin

--
Crispin Cowan, Ph.D.
Chief Scientist, WireX Communications, Inc. http://wirex.com
Security Hardened Linux Distribution: http://immunix.org
Available for purchase: http://wirex.com/Products/Immunix/purchase.html

This archive was generated by hypermail 2b30 : Sun May 26 2002 - 11:36:27 PDT