I think the issue is email that pulls linked resources from remote
websites.  An email might make it past your firewall/scanner, but then
request a malicious file from a remote server when the user opens it, or
when it appears in a preview pane. Of course, this can happen with
regular webpages as well, though you can control what websites you visit
better than what spam appears in your inbox.

The ideal solution would be to maintain up to date protection on the
machine, and turn off automatic loading of ActiveX scripts in the

Steve Barner, So. Burlington HS

>>> [log in to unmask] 12/23/2004 8:04:57 AM >>>

I have disabled HTML mail on our email readers. I have read where
malicious Java/ActiveX/or something can be embedded in the file. No
has complained to me about this, but I'm wondering if I need to be so
paranoid. Is HTML mail a risk?


Doug Reaves
Bellows Free Academy
Fairfax, Vermont

This email may contain information protected under the Family
Educational Rights and Privacy Act (FERPA) or the Health Insurance
Portability and Accountability Act (HIPAA).  If this email contains
confidential and/or privileged health or student information and you
are not entitled to access such information under FERPA or HIPAA,
federal regulations require that you destroy this email without
reviewing it and you may not forward it to anyone.