Microsoft KB Archive/291387

= Using virus protection features in Outlook Express 6 =

Article ID: 291387

Article Last Modified on 1/31/2007

-

APPLIES TO

 Microsoft Outlook Express 6.0 Microsoft Outlook Express 6.0 Microsoft Outlook Express 6.0 Microsoft Outlook Express 6.0, when used with:  Microsoft Windows Millennium Edition

 

 </li></ul>

 </li></ul> </li></ul>

-

<div class="notice_section">

This article was previously published under Q291387

<div class="notice_section">

For information about the differences between Microsoft Outlook and Microsoft Outlook Express e-mail clients, click the following article number to view the article in the Microsoft Knowledge Base:

257824 OL2000: Differences Between Outlook and Outlook Express

<div class="summary_section">

SUMMARY
This article describes several new features included in Microsoft Outlook Express 6 that are designed to protect you against viruses that may be transmitted through e-mail messages.

<div class="moreinformation_section">

MORE INFORMATION
Virus Protection features in Outlook Express 6 are found on Security tab of the Tools, Options dialog box.

Using Internet Explorer Security Zone to Disable Active Content in Hypertext Markup Language (HTML) E-mail
Security zones enable you to choose whether active content, such as ActiveX Controls and scripts, can be run from inside HTML e-mail messages in Outlook Express. By default, Outlook Express 6 uses the Restricted Zone instead of the Internet Zone. Microsoft Outlook Express 5.0 and Microsoft Outlook Express 5.5 used the Internet zone, which enable most active content to run. To customize your Internet Explorer security zone settings for Outlook Express:

CAUTION: Changing security zone settings can expose your computer to potentially damaging code. Use caution when you change these settings.
 * 1) Start Outlook Express, and then on the Tools menu, click Options.
 * 2) Click the Security tab, and then click either Restricted Sites Zone or Internet Zone (less secure, but more functional) in the Virus Protection section under Select the Internet Explorer security zone to use.
 * 3) Click OK to close the Options dialog box, and then quit Outlook Express.
 * 4) Start Internet Explorer, click Internet Options on the Tools menu, and then click Security.
 * 5) Click Custom Level for the security zone that you selected in Outlook Express. The security settings that you choose apply to Outlook Express as well as Internet Explorer.

How to Read all Messages in Plain Text (Service Pack 1 Only)
Starting with Service Pack 1, you can configure Outlook Express to read all e-mail in plain text format. Some HTML e-mail may not appear correctly in plain text, but no active content in the e-mail is run when you enable this setting. To read all messages as plain text in Outlook Express Service Pack 1:
 * 1) Start Outlook Express, and then on the Tools menu, click Options.
 * 2) Click the Read tab, and then click to select the Read all messages in plain text check box under Reading Messages.
 * 3) Click OK.

How to Prevent Programs from Sending E-mail Without Your Approval
If you configure Outlook Express as the default mail handler (or simple MAPI client) on the General tab, Outlook Express processes requests by using Simple MAPI calls. Some viruses can use this functionality and spread by sending copies of e-mail messages that contain the virus to your contacts. By default, Outlook Express 6 prevents e-mail messages from being sent programmatically from Outlook Express without your knowledge by displaying a dialog that enables you to send or not to send the e-mail message.

Using the Internet Explorer Unsafe File List to Filter E-mail Attachments
To use the Internet Explorer unsafe file list to filter e-mail attachments:
 * 1) Start Outlook Express, and then on the Tools menu, click Options.
 * 2) Click the Security tab, and then click to select the Do not allow attachments to be saved or opened that could potentially be a virus check box under Virus Protection.

This option is enabled by default in Outlook Express Service Pack 1 (SP1). If you enable this option, Outlook Express uses the Internet Explorer 6 unsafe file list and the Confirm open after download setting in Folder Options to determine whether a file is safe. Any e-mail attachment with a file type reported as &quot;unsafe&quot; is blocked from being downloaded.

NOTE: The Internet Explorer 6 unsafe file list includes any file types that may have script or code associated with them. To add additional file types to be blocked or remove file types that should not be blocked: <ol> Click Start, point to Settings (or click Control Panel), and then click Control Panel (or switch to Classic View or View All Control Panel Options).</li> Double-click Folder Options.</li> On the File Types tab, click to select the file type that you want to block or allow, and then click Advanced. If the file type you want to add is not listed, perform the following steps: <ol style="list-style-type: lower-alpha;"> Click New.</li> In the Create New Extension dialog box, type the file extension you want to add to the unsafe file list.</li> Click OK, and then click Advanced.</li></ol> </li> Click to place a check mark (block) or remove the check mark (allow) from the Confirm open after download check box.</li></ol>

NOTE: You cannot remove the check from Confirm open after download to allow some file types. For example, .exe files are in the default unsafe file list in Internet Explorer and cannot be allowed.

How to Determine When Outlook Express Has Blocked an Attachment
When Outlook Express blocks an attachment, the following alert is displayed in the message alert bar at the top of the e-mail message:

Outlook Express removed access to the following unsafe attachments in your mail: file_, file_ , and so on.

Keywords: kbinfo KB291387

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.