On Sun, Apr 05, 2020 at 05:57:53PM -0500, Greg Marks wrote: > I realize this isn't an answer to Vegard Svanberg's original question, > but I think it's a point worth raising: isn't the fact that mutt is > text-based a security feature? > > Thunderbird, which I consider the second-best e-mail client, does have > security settings to prevent it from automatically loading certain > content that might contain exploits. But it seems to me that mutt does > it one better by, for example, forcing users to take extra steps to click > on hyperlinks, which is a bit of extra defense against spear phishing. > Indeed, by seeing the raw HTML you can avoid a malicious hyperlink that > doesn't match the link text displayed.
This is one of my big reasons for using Mutt: it doesn't open *any* attachment unless and until I tell it to. If I don't trust an attachment, I can copy it out and use my kit of file torture tools to extract its secrets. -- Mark H. Wood Lead Technology Analyst University Library Indiana University - Purdue University Indianapolis 755 W. Michigan Street Indianapolis, IN 46202 317-274-0749 www.ulib.iupui.edu
signature.asc
Description: PGP signature
