I'm one that has been happy with Outlook Express as my newsreader. Until recently. I started using the message rules to setup filters because of spam in the newsgroups. They seemed to work, I experimented with them turning them on and off. The problem I started to have is this. Posts will "sometimes" disappear after I read them, other times I only see responses, no original posts and the responses aren't grouped together. This problem started after I began experimenting with the filter but continues after I have no filters running. Any thoughts on how to fix this problem? Thanks, Mike
It works pretty well as a news reader. I ran it for a while as my "roaming" (laptop) reader, until Forte switched their upstream usenet provider and it was easier to "start over" with Agent than to purge and reset T'bird.
Filtering is very limited in OE. I suggest that you investigate a proxy news reader such as NewsProxy. Google for it ... a free download. Install it and set it up to connect to your news server and then change OE to connect to "localhost." The main benefit is that you will be able to filter out the garbage using Message-ID filter statements. Probably the most used filter entry is * drop Message-ID:*googlegroups*
Yes - remove Butthook Distress from your system, and find a third- party newsreader, like Free Agent or Thunderbird news or google something (with the search engine part - avoid googlegroups like Typhoid Mary.)
It matters not what you *think*. The fact is that using that "application" makes your system vulnerable, and even the best, most knowledgeable "netizen" cannot catch or thwart all the attacks all the time.
Wouldn't it be far better to use an app that does not have such a vulnerability at all?
I would be much more likely to believe your claim if, instead of issuing the impractical challenge above, you ran the free virus scanner at [
] and reported the results here. Or you could hire Rich to do it at his normal hourly rate plus any travel expenses.
I have used OE extensively on Intranets with no connection to the Internet. As for using it to connect to outside servers, I don't do that because Rich Grise is correct. Doing that would indeed "expose my computer to the whole world, ringing the dinner bell for the spamware/spyware/trojan/virus/worm/etc, etc, etc. perps."
Here are just a few of the vulnerabilities that have been found. As soon as Microsoft patches one, another is discovered.
"The NNTP news reader embedded in Outlook Express is vulnerable to buffer overflow, exploiting this vulnerability allows remote attacker to execute malicious code with the rights of Outlook's user."
"A feature of Microsoft Outlook Express can be exploited to evade content filters and persuade an email recipient that an attachment is safe to open - even when it contains malicious code."
"Stack-based buffer overflow in the news reader for Microsoft Outlook Express (MSOE.DLL) 5.5 SP2, 6, and 6 SP1 allows remote malicious NNTP servers to execute arbitrary code via a LIST response with a long second field."
"There are several vulnerabilities in Outlook Express 6.0 (and some may apply to OE 5.01/5.5, as well) that affect how the MUA represents attachments. These vulnerabilities allow a malicious e-mail to:
1) Spoof the size of an attachment.
2) Misrepresent the extension of an attachment in the "Open Attachment Warning" dialog.
3) Set an attachment's icon to the default
4) Bypass the malicious file type filter
5) Also, misrepresent the name of the attachment in the "Attachments" listbox."
"Bulgarian computer consultant Georgi Guninski recently showed how embedding malicious script in an Internet mail message can delete files while the victim is reading the message with Microsoft Outlook Express.
"What Georgi did was create the 'nuclear e-mail message,' " claims Richard Smith, president of Cambridge, Mass., tools developer Phar Lap Software ... We have been anticipating something like this for years. In theory, it's no longer safe to read e-mail if you use Outlook Express."
"Microsoft Outlook Express and Windows Mail Multiple Vulnerabilities
"Some vulnerabilities have been reported in Microsoft Outlook Express and Windows Mail, which can be exploited by malicious people to disclose sensitive information and compromise a user's system.
"1) An error in Windows Mail within the handling of UNC navigation requests can be exploited to execute arbitrary code via a local file or UNC path when a user clicks on a link in a specially crafted email message.
"2) An error in the MHTML protocol handler when returning MHTML content can be exploited to read data from another security zone or domain in Internet Explorer when a user visits a specially crafted web page.
"3) An error exists in the MHTML protocol handler when passing Content-Disposition notifications back to Internet Explorer. This can be exploited to bypass the file download dialog box and to read data from another Internet Explorer domain when a user visits a specially crafted web page."
"Multiple vulnerabilities have been identified in Microsoft Outlook Express and Windows Mail, which could be exploited by remote attackers to disclose sensitive information or take complete control of an affected system.
"The first issue is caused by an error in the MHTML protocol handler that does not properly interpret URL redirections, which could be exploited by a malicious web site to bypass domain restrictions and read data from another domain.
"The second vulnerability is caused by a memory corruption error when handling specially crafted local or UNC navigation requests, which could be exploited by attackers to execute arbitrary code by tricking a user into clicking a specially crafted link in an e-mail message.
"The third issue is caused by an error in the MHTML protocol handler that does not properly interpret HTTP headers when returning MHTML content, which could be exploited by a malicious web sites to conduct cross-domain scripting attacks.
"The fourth vulnerability is caused by an error in the way the MHTML protocol handler passes Content-Disposition notifications back to the browser, which could be exploited by a malicious web site to bypass domain restrictions and read data from another domain."
"British e-mail provider MessageLabs.com has reported seeing a number of recent Trojan attacks exploiting a quirk in Outlook Express.
"A successful attack normally depends on the use of some hacker tools that can generate specially crafted e-mail headers carrying an attachment with three file extensions. In fact, this isn?t a particularly new threat, and sophisticated hackers can hand code the headers. What makes it important now is the availability of online tools that make it easy to create these messages.
"One extension is usually associated with an image, such as .jpg. This is visible to the user and is a social engineering attack to get them to open what looks like a safe attachment.
"A second extension is an executable. Outlook Express uses this one to decide what to do with the attachment. The extension will usually be .exe, .pif, .vbs, or .scr.
"The third extension is usually the same as the first and generates an innocent-looking icon for the attachment. Because there's a ?safe? extension to end the string, content filters may ignore the attachment and let it through. Even some filters that check for double extensions can be fooled by this triple extension structure.
"The exploit is especially risky because even a tech savvy user might be tempted to open an infected attachment that appears to be safe, both to the user and to the filter."
misc.business.product-dev: a Usenet newsgroup
about the Business of Product Development.