Unauthenticated executable content of any kind has no place in email.
There
is no cause to send unsolicited and unauthenticated Java, Active-X or
Javascript. The <IMG> tag referencing an external object is causing a
programmed action I think it should be blocked by default as well.
HTML worked and works just fine without external references or
executable
content.
+1, I agree strongly.
BTW it's even more complex now, since many legit mail-sending operations
consider "web bugs" (1x1 pixel external IMGs with an identifying tag)
to be good practice in measuring mail views. :(
I know of at least one large financial organisation that refuses to accept
messages containing web bugs. If a few more large groups hopped on the
bandwagon...
N
--
1 1 2 3 4 5 6 7 7
0 0 0 0 0 0 0 5
-- The 75 column-ometer
Global Messaging, A: Top posting
120 Cheapside, x83331 Q: What's the most annoying e-mail habit?
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg