On Thu, 21 Aug 2003, Karsten W. Rohrbach wrote: Mutt and similar MUAs are prone to misconfiguration, which makes them vulnerable to some degree, but this fact alone does not expose enough surface for implementation of an internet-wide worm attack ;-) So you are saying that all MUA's are prone to vulnerabilities through misconfiguration, and the reason for Outlook's prominence is simply its larger installed base? If so, I completely agree with you. In end-user application design, finding the right mix between security and and convenience (which tend to be mutually exclusive, in one way or the other) is a critical design decision. You get the point. Indeed. I certainly wish Outlook was shipped with more sane settings.
I completely agree. Which is why I discourage people from using Outlook Express as well as Mutt.
So the interesting question in context of this email thread is: what do you encourage them for? My brother has used MH for the last 20 years or so, without ill effect. However, I believe it was also vulnerable in '97 because of its inclusion of metamail functionality. I've been impressed with Ximian's Evolution, but have no false hopes for its intgrity in the face of malicious content. There certainly is no universal best mail client. If I encourage anything, its to use the client folks are most comfortable with. Regards, /k matto --mghali@snark.net------------------------------------------<darwin>< Flowers on the razor wire/I know you're here/We are few/And far between/I was thinking about her skin/Love is a many splintered thing/Don't be afraid now/Just walk on in. #include <disclaim.h>