Outlook Express

Applies To: Windows Server 2003 with SP1

What new functionality is added to this feature in Windows Server 2003 Service Pack 1?

Plain text mode

Detailed description

The plain text mode feature of Outlook Express provides users with the option to render incoming mail messages in plain text instead of Hypertext Markup Language (HTML). When Outlook Express is running in plain text mode, the rich edit control is used instead of the MSHTML control. Using the rich edit control avoids some of the security issues that result from the use of MSHTML.

Why is this change important?

The use of the rich edit control provides an additional barrier to malicious code that is transmitted using e-mail. Computers running earlier versions of Windows XP were vulnerable to malicious code because Outlook Express processes HTML header scripts in the HTML content, and the MSHTML control automatically executes these scripts. The rich edit control does not execute HTML scripts, so this risk is mitigated. Because plain text e-mail does not require HTML header processing to be displayed properly, there is usually little visible difference from this processing change in standard message formats. Portions of e-mail messages that do not appear to render correctly are relying on HTML rendering and could present a danger to your system.

What works differently?

The following Outlook Express features are not available when running in plain text mode:

  • Changing text size to a larger or smaller font.

  • Full text searching through the body of a mail message.

You can configure plain text mode in several ways, including:

  • Reading a message.

    In Outlook Express, on the Tools menu, click Options, and then click the Read tab. Select the Read all messages in plain text check box.

  • Composing a message.

    In Outlook Express, on the Tools menu, click Options, and then click the Send tab. Under Mail Sending Format, select the Plain Text option.

  • With a new menu option.

    On the View menu, click Message in HTML.

    This new menu item switches the current message view to HTML if it is currently in plain text view, both in the preview display and in the full message display.

How do I resolve these issues?

If you are sure that the source of an e-mail message can be trusted and you want to use the full feature set that is provided with the MSHTML control to support rich HTML e-mail for reading or composing, you can switch to the HTML mode by using the View menu option procedure as described above in "With a new menu option."

Limit external HTML content downloads

Detailed description

This Outlook Express feature helps users to avoid getting repeated spam mailings by preventing the user from unknowingly validating his or her e-mail address to spam originators. Businesses that use spam as a marketing technique typically include references to images that reside on their Web servers inside the e-mail message. Some of these spam e-mail messages contain single pixel images that are not visible to the recipient of the e-mail so that the recipient will not be aware that there is any content that is malicious. When the user opened an e-mail that contains the image, previous versions of Outlook Express automatically contacted the Web server to download and display the images. When the request for the image was made to the Web server, it could ascertain that a spam e-mail message was received by an active e-mail account, which validated the e-mail address in the spam originator’s mailing list. Now, when the Block images and other external content in HTML e-mail setting is enabled, the default behavior of Outlook Express changes so that it does not contact the Web server to download external content, which helps prevent the verification of the e-mail address with the spam originator. This download behavior is configurable and is enabled by default when you install Windows Server 2003 Service Pack 1.

This feature also helps to minimize a common problem that is experienced by people whose computers use dial-up network connections. Prior to implementing this feature, if users downloaded mail messages and then disconnected their network connection, when they attempted to view an HTML message that included pictures or other external Internet content, their modem would automatically start to dial out to download the external content.

Why is this change important?

This feature increases the privacy that is provided to users of Outlook Express. Their e-mail address is not automatically validated by the Web server of spam originators without their knowledge when a spam e-mail message is opened. Using this feature may result in the following advantages:

  • The user receives less spam.

  • The user is less distracted by the receipt of spam.

  • Automatic attempts by a user’s modem to reconnect to the Internet after receiving HTML e-mail decrease.

What works differently?

Implementing this feature in Outlook Express helps prevent the rendering of pictures in HTML e-mail if the pictures must be retrieved from servers that are in either the Internet or Restricted Web content zones. This new default behavior results in the user’s name not being validated by the Web site hosting the pictures, which makes the user’s e-mail name less useful to spam senders. This may result in the user getting less spam over time.

To communicate that these pictures are missing, there is now an External Message Information Bar that is displayed both in the Outlook Express message window and in the preview area. This External Message Information Bar appears whenever the message contains references to external Internet content, such as images or script, and the options are set to render the message in HTML.

When Outlook Express blocks content, the actual image is replaced with the standard placeholder for the blocked image in the text of the mail message. Images are the only blocked items that provide a visual cue that something is not being displayed. For sounds, IFrames, and other content, there is no visual indication in the body of the mail message. When users print an HTML e-mail that has blocked content, Outlook Express prints the e-mail exactly as it appears on the screen, with a placeholder for the blocked images. The external content is not downloaded.

An added benefit of this feature is that it minimizes a common dial-up user problem: undesired automatic dial-up network connection attempts. When viewing an HTML e-mail message off-line, previous versions of Outlook Express would automatically dial out to connect to the Internet and retrieve any reference images. However, because almost all external HTML references in e-mail messages point to resources on the Internet that are part of the Internet zone, the content is not displayed by default and a dial-up network connection is not requested.
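The following added example (not part of the original documentation and not Outlook Express code) shows how a mail administrator could list the external references in an HTML message that would cause a renderer to contact a Web server, and which of them leave a visible placeholder when blocked. The names FETCH_ATTRS, ExternalRefFinder and external_refs, the 1x1 beacon heuristic, the tags beyond images, sounds, IFrames and script, and the example.test hosts in the constructed sample are assumptions of this example.

```python
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlparse

# Tag -> attribute an HTML renderer fetches on display (assumed, not exhaustive).
FETCH_ATTRS = {"img": "src", "iframe": "src", "script": "src", "bgsound": "src",
               "embed": "src", "link": "href", "body": "background"}

# Constructed sample message; all hosts are placeholders.
SAMPLE = """\
From: newsletter@example.test
Subject: constructed sample
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body>
<img src="cid:logo@example.test" width="120" height="40">
<img src="http://tracker.example.test/o.gif?id=user%40example.test" width="1" height="1">
<bgsound src="http://media.example.test/chime.wav">
<iframe src="https://ads.example.test/frame.html"></iframe>
<a href="http://www.example.test/">link</a>
</body></html>
"""

class ExternalRefFinder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.refs = []

    def handle_starttag(self, tag, attrs):
        attr = FETCH_ATTRS.get(tag)
        a = dict(attrs)
        url = (a.get(attr) or "") if attr else ""
        # cid: parts travel inside the message; only http(s) URLs reach a server.
        if urlparse(url).scheme not in ("http", "https"):
            return
        tiny = tag == "img" and a.get("width") in ("0", "1") and a.get("height") in ("0", "1")
        self.refs.append({"tag": tag, "url": url, "likely_beacon": tiny,
                          "placeholder_shown": tag == "img"})  # only images get a visual cue

def external_refs(raw_message):
    """Return every remote fetch the HTML parts of a message would trigger."""
    finder = ExternalRefFinder()
    for part in message_from_string(raw_message).walk():
        if part.get_content_type() == "text/html":
            body = part.get_payload(decode=True)
            finder.feed(body.decode(part.get_content_charset() or "utf-8", "replace"))
    return finder.refs

if __name__ == "__main__":
    for ref in external_refs(SAMPLE):
        print(ref)
```

The hyperlink is not reported because it is only requested when the user clicks it, and the cid: image is not reported because it is embedded in the message itself.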

How do I resolve these issues?

To turn off all external content blocking, on the Tools menu, point to Options, and then click Security. Clear the Block images and other external content in HTML e-mail check box. From that point, no content is blocked, which returns Outlook Express to the prior behavior of automatically downloading external content.

To explicitly download external content for an e-mail message, click the External Message Information Bar to download the external content that was included with the message.

Attachment Manager API integration


Outlook Express now integrates a new set of application programming interfaces (APIs), called the Attachment Manager, to check e-mail attachments. This allows applications to eliminate custom code that performs similar safety checks and instead rely on this centrally-managed API set. The use of Attachment Manager provides a consistent user experience across all applications that check the security of an attachment.

Why is this change important?

It is important to have a more unified approach for attachment security across all Windows applications. This helps to ensure that users get a consistent experience with regard to the security check performed on attachments.

What works differently?

Apart from the consistent user experience, this feature does not provide any visible change to the user.

Do I need to change my code to work with Windows Server 2003 Service Pack 1?

There are several differences in functionality that a developer should be aware of.

API names that appear in this section refer to the Attachment Manager API. If the Do not allow attachments to be saved or opened that could potentially be a virus setting is disabled, Outlook Express calls SetReferer() and passes https://URL as a parameter. This is done so that the subsequent call to CheckPolicy() considers Outlook Express to be in the Internet Web content zone. Attachment Manager discriminates differently, depending on whether the caller is in the context of the Internet or Restricted security zones. The following sections provide overviews of different behaviors that the Attachment Manager API supports.

Behavior when previewing a message that includes an attachment

Before the preview area is rendered, CheckPolicy() is called to determine the state of the menu options associated with the attachment icon in the preview area header, and the corresponding actions as follows:

  • If CheckPolicy() returns E_Fail (dangerous attachment), S_OK, or S_False (safe attachment), there is no change to the previous functionality of Outlook Express.

  • Opening the attachment saves the file as a temporary file and then calls Execute() to execute the file instead of the currently used ShellExecute() call.

  • If Execute() fails, subsequent user actions are handled by Attachment Manager.

  • When the Save Attachments dialog box is opened, the list of attachments contains items that are enabled in the menu. Blocked attachments do not appear in the Save Attachments dialog box. When the user selects the destination folder and clicks Save, Outlook Express saves the files to the specified folder and then calls Save() on each of the saved files.

In the case of previewing mail with multiple attachments, CheckPolicy() is called on each of the attachments. Depending on whether the return value is E_Fail, S_OK, or S_False, Outlook Express either disables or enables the attachment name in the menu.

In future implementations, Save() could fail if CheckPolicy() does not return S_OK. In this case, Outlook Express will display the error message "The following attachments were not saved because they could not be verified as being safe", followed by a list of failed files.

Behavior when reading a message that includes an attachment

Before the Outlook Express message window is rendered, CheckPolicy() is called for every attachment to determine which attachments are shown and which are blocked from access to the user.

  • If CheckPolicy() returns E_Fail (dangerous attachment), S_OK or S_False (safe attachment), Outlook Express behaves just as it did in the past. Double-clicking the attachments that are displayed in the Attach area of the message window follows the exact same steps as described when executing attachments from the preview area.

  • When the user clicks Save As, selects the destination folder and file name, and then clicks Save, Outlook Express saves the attachment in the specified folder and then calls Save() to sync.

  • Selecting Print is similar to running the attachment, except that, instead of calling Execute() without any parameters, Outlook Express issues a call to Execute("print"). All other tasks, such as saving the file to a temporary file, remain the same as when executing the attachment.

  • If the Do not allow attachments to be saved or opened that could potentially be a virus setting is disabled, Outlook Express calls SetReferer() and passes https://URL as a parameter. The subsequent call to CheckPolicy() then considers Outlook Express to be in the Internet Web content zone.

Behavior when moving a message that includes an attachment

If the user moves an item to a location outside Outlook Express — for example, dragging a message containing an attachment to the desktop — Outlook Express performs these actions:

  • Generates a temporary file with HDROP.

  • Saves a temporary file.

  • Calls Save() on the temporary file.

If it is successful, HDROP is made available.

If it fails, HDROP is not made available and the drop target is disabled.