Chapter 24. Securing Your System, Messages, and Identity

Microsoft Office Outlook 2007 includes features that can help protect your system from computer viruses and malicious programs, prevent others from using e-mail to impersonate you, and prevent the interception of sensitive messages. Some of these features—such as the ability to block specific types of attachments—were first introduced in Office Outlook 2002. Other security features—such as the ability to block external images in HTML-based messages—were introduced in Office Outlook 2003. This feature enables Outlook to block HTML messages sent by spammers to identify valid recipient addresses. These messaging security features are extended and enhanced in Office Outlook 2007.

This chapter begins with a look at the settings you can use to control HTML content. Because HTML messages can contain malicious scripts or even HTML code that can easily affect your system, the capability to handle these messages in Outlook 2007 is extremely important.

This chapter also discusses the use of both digital signatures and encryption. You can use a digital signature to authenticate your messages, proving to the recipient that a message indeed came from you, not from someone trying to impersonate you. Outlook 2007 enables you to encrypt outgoing messages to prevent them from being intercepted by unintended recipients; you can also read encrypted messages sent to you by others. In this chapter, you’ll learn how to obtain and install certificates to send encrypted messages and how to share keys with others so that you can exchange encrypted messages.

Configuring HTML Message Handling

Spammers are always looking for new methods to identify valid e-mail addresses. Knowing that a given address actually reaches someone is one step in helping spammers maintain their lists. If a particular address doesn’t generate a response in some way, it’s more likely to be removed from the list.

One way spammers identify valid addresses is through the use of Web beacons. Spammers often send HTML messages that contain links to external content, such as pictures or sound clips. When you display the message, your mail program retrieves the remote data to display it, and the remote server then validates your address. These external elements are the Web beacons.


Nonspammers also frequently include external content in messages to reduce the size of the message. So external content isn’t a bad thing per se (depending on how it is used).

Since Outlook 2003, Outlook blocks external content from HTML messages by default, displaying a red X in the place of the missing content. The result is that these Web beacons no longer work because the external content is not accessed when the message is displayed. Messages that fit criteria for the Safe Recipients and Safe Senders lists are treated as exceptions—the external content for these messages is not blocked.


You can rest the mouse pointer on a blocked image to view the descriptive alternate text (if any) for the image.

When you preview an image in the Reading Pane for which Outlook 2007 has blocked external content, Outlook 2007 displays a message in the InfoBar, indicating that the blocking occurred (see Figure 24-1). You can click the InfoBar and choose Download Pictures to view the external content. Outlook 2007 then downloads and displays the content in the Reading Pane. The same is true if you open a message; Outlook 2007 displays a warning message, telling you that the content was blocked (see Figure 24-2). You can click the warning message and choose Download Pictures to download and view the content. Outlook 2007’s blocking of external content for messages in this way lets you take advantage of content blocking without using the Reading Pane.

Click the InfoBar in the Reading Pane to view external content for a selected message.

Figure 24-1. Click the InfoBar in the Reading Pane to view external content for a selected message.

You can access blocked content when you open a message by clicking the InfoBar and selecting Download Pictures.

Figure 24-2. You can access blocked content when you open a message by clicking the InfoBar and selecting Download Pictures.

If you edit, forward, or reply to a message containing blocked content (from an open message or a message displayed in the Reading Pane), Outlook 2007 displays a warning dialog box indicating that the external content will be downloaded if you continue. You can click OK to download the content and continue with the reply or forward, click No to tell Outlook 2007 to forward the content as text without downloading the content, or click Cancel to not open the message or download the content (see Figure 24-3). Thus, you can now reply to or forward a message without downloading the external content (which wasn’t possible with previous versions of Outlook).

You can now forward or reply to a message with blocked content without downloading the content.

Figure 24-3. You can now forward or reply to a message with blocked content without downloading the content.

Outlook 2007 provides a few options to control the way content blocking works. To configure these options, choose Tools, Trust Center, and then click the Automatic Download page. Figure 24-4 shows the resulting Automatic Download settings page.

Configure content blocking with the Automatic Download settings page.

Figure 24-4. Configure content blocking with the Automatic Download settings page.

Configure content blocking using the following options:

  • Don’t Download Pictures Automatically In HTML E-Mail Messages Or RSS Items. Select this check box to allow Outlook 2007 to block external picture content with the exception of messages that fit the Safe Senders and Safe Recipients lists. When selected, this check box enables the five check boxes below it to further refine content blocking.

  • Permit Downloads In E-Mail Messages From Senders And To Recipients Defined In The Safe Senders And Safe Recipients List Used By The Junk E-Mail Filter. Select this check box to allow Outlook to download content if the message is from a sender in your Safe Senders list or is addressed to a recipient in your Safe Recipients list.

  • Permit Downloads From Web Sites In This Security Zone: Trusted Zone. Select this check box to allow external content from sites in Microsoft Windows Security Center/Internet Explorer Trusted Sites zone.

  • Permit Downloads In RSS Items. Select this check box to allow external content included in RSS feeds.

  • Permit Downloads In SharePoint Discussion Boards. Select this check box to allow external content included in SharePoint Discussion Boards.

  • Warn Me Before Downloading Content When Editing, Forwarding, Or Replying To E-Mail. Select this check box to receive a warning about external content when you edit, reply to, or forward a message for which external content has been blocked.

To take advantage of the exceptions for external content, you must add the message’s originating address to the Safe Senders list, add the recipient address to the Safe Recipients list, or add the remote domain to the Trusted Sites zone in Internet Options (in the Windows Security Center).

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.