Mail Filtering with Outlook Express 6

Quote from MS Support "It is important for users to recognize that grayed-out attachments are not safe to be opened, and users should be deleting, not forwarding an email with a grayed-out attachment."

Copied from http://support.microsoft.com/default.aspx?scid=kb;en-us;Q291387

The information in this article applies to:

Microsoft Outlook Express, version 6.0 , for Windows XP

Microsoft Outlook Express, version 6.0 , for Windows XP 64-Bit Edition

Microsoft Outlook Express version 6.0 , for Windows 2000

Microsoft Outlook Express version 6.0 , for Windows NT 4.0

Microsoft Outlook Express, version 6.0 , for Windows Millennium Edition

Microsoft Outlook Express version 6.0 , for Windows 98 Second Edition

Microsoft Outlook Express version 6.0 , for Windows 98

SUMMARY

This article describes several new features included in Microsoft Outlook Express 6 that are designed to protect you against viruses that may be transmitted through e-mail messages.

MORE INFORMATION

Virus Protection features in Outlook Express 6 are found on Security tab of the Tools, Options dialog box.

Using Internet Explorer Security Zone to Disable Active Content in Hypertext Markup Language (HTML) E-mail

Security zones enable you to choose whether active content, such as ActiveX Controls and scripts, can be run from inside HTML e-mail messages in Outlook Express. By default, Outlook Express 6 uses the Restricted Zone instead of the Internet Zone. Microsoft Outlook Express 5.0 and Microsoft Outlook Express 5.5 used the Internet zone, which enable most active content to run. To customize your Internet Explorer security zone settings for Outlook Express:

CAUTION : Changing security zone settings can expose your computer to potentially damaging code. Use caution when you change these settings.

Start Outlook Express, and then on the Tools menu, click Options .

Click the Security tab, and then click either Restricted Sites Zone or Internet Zone (less secure, but more functional) in the Virus Protection section under Select the Internet Explorer security zone to use .

Click OK to close the Options dialog box, and then quit Outlook Express.

Start Internet Explorer, click Internet Options on the Tools menu, and then click Security .

Click Custom Level for the security zone that you selected in Outlook Express. The security settings that you choose apply to Outlook Express as well as Internet Explorer.

To Prevent Applications From Sending E-mail Without Your Approval

If you configure Outlook Express as the default mail handler (or simple MAPI client) on the General tab, Outlook Express processes requests by using Simple MAPI calls. Some viruses can exploit this functionality and spread by sending copies of e-mail messages that contain the virus to your contacts. By default, Outlook Express 6 prevents e-mail messages from being sent programmatically from Outlook Express without your knowledge by displaying a dialog that enables you to send or not send the message. If you regularly use an application that uses Simple MAPI calls to send e-mail as yourself, you may want to disable this protection as follows:

Start Outlook Express, and then on the Tools menu, click Options .

Click the Security tab, and then click to remove the check mark from the Warn me when other applications try to send mail as me checkbox.

Click OK to close the Options dialog box.

Using the Internet Explorer Unsafe File List to Filter E-mail Attachments

To use the Internet Explorer unsafe file list to filter e-mail attachments:

Start Outlook Express, and then on the Tools menu, click Options .

Click the Security tab, and then click to select the Do not allow attachments to be saved or opened that could potentially be a virus check box under Virus Protection .

This option does not enabled by default. If you enable this option, Outlook Express uses the Internet Explorer 6 unsafe file list and the Confirm open after download setting in Folder Options to determine whether a file is safe. Any e-mail attachment with a file type reported as "unsafe" is blocked from being downloaded.

NOTE : The Internet Explorer 6 unsafe file list includes any file types that may have script or code associated with them. To add additional file types to be blocked or remove file types that should not be blocked:

Click Start , point to Settings (or click Control Panel ), and then click Control Panel (or switch to Classic View or View All Control Panel Options ).

Double-click Folder Options .

On the File Types tab, click to select the file type that you want to block or allow, and then click Advanced .

Click to place a check mark (block) or remove the check mark (allow) from the Confirm open after download checkbox.

NOTE : You cannot remove the check from Confirm open after download to allow some file types. For example, .exe files are in the default unsafe file list in Internet Explorer and can not be allowed.

How to Determine When Outlook Express Has Blocked an Attachment

When Outlook Express blocks an attachment, the following alert is displayed in the message alert bar at the top of the e-mail message:

Outlook Express removed access to the following unsafe attachments in your email: file_ name1 , file_ name2 , and so on.