Danger in opening email automatically?
Posted on 2011-10-31
I have endoctrinated my users with a healthy respect for what can arive via email unexpectedly, and they are generally careful about what they open.
I have been recommending that they not use the reading pane or autopreview with their inboxes, reasoning that each of these features essentially opens the email before the user has had a chance to decide about the message's safety.
The question: Do these features really expose our systems to malware, or do they merely open the (presumably harmless) text portion of an email's content?
Autopreview appears to just display text, and I'm hoping that maybe I can relax my recommendations for our users' convenience, if the text portion of email is entirely safe to open.
(Email here is pre-inspected by both Postini and Trend Micro)