The hidden dangers of HTML email

The hidden dangers of HTML email


The hidden dangers of HTML email


As a veteran internet user, I can honestly say that I remember a time when HTML email was not possible. Back then, RTF wasn't available either, and in fact, email programs didn't even wrap lines or allow attachments.

Today, however, I receive a constant and annoying stream of emails of all shapes, colors, and sizes. Almost all promotional ads and many newsletters come in Html format.

Now, spam is annoying, mass spam is even more annoying, but spam with "twirlygigs" is intolerable and dangerous. HTML is for websites. I visit them all the time and enjoy their various amusements. However, email is a tool. A method of communication used to get work done. I receive many regular emails, hundreds of pieces a day usually, due to the support, consulting and writing services I provide. If all of those emails are in HTML format, then I'm stuck looking at potentially hundreds of web pages and thousands of graphics.

HTML email takes longer to download, and it takes longer for me to read. You see, I don't trust HTML email. I have coded many websites in my day and I know that scripts can be hidden in pages. Now, when you combine that fact with the daily news about viruses and worms being sent out, well, that's just terrifying, which is why I don't allow my email program to automatically open HTML-formatted email. I rarely use Outlook and Express now (sorry Microsoft, but I find them too dangerous now), however I'd rather be safe than sorry no matter what email program I use. So, I have my email software set to display all HTML messages as attachments.

Having the email converted to an attachment allows me to immediately see if there are any other files included with the message. And let me tell you, this has saved my butt time and time again! I've lost count of how many times I've received emails with HTML code attached, and malicious code, worms and viruses attached to it. If my email program was set up to "conveniently" display HTML as a web page, many of those attachments would have opened on their own and done who knows what to my system.

So if you receive a lot of email yourself, be careful what you let in. If you run a newsletter or email update service of any kind, please be courteous and at least ASK before sending an HTML-formatted email. And when you have permission to send HTML email, don't include heavy graphics, scripts, or other attachments.

The text may not be as glamorous, but it is much safer and much easier for your readers to read.