Miscellaneous Tips

Contents:

Anti-Virus Email Scanning
- "Certifying" your email
- Scanning Inbound/Outbound
Email Address Munging
Emailing Many People
Should I compose email in HTML?
How Large a File Can I Send...
(More to follow)

Scanning Your Email with Anti-Virus Apps:

Practically every day, I see Usenet posts which state the poster is having trouble receiving (or sending) email. Frequently, the error message given is similar to this:

Server: '127.0.0.1', Protocol: POP3, Server Response: '-ERR AVG 
POP3 Proxy Server: Cannot connect to the mail server!', Port: 110, 
Secure(SSL): No, Server Error: 0x800CCC90, Error Number: 0x800CCC90'

Invariably, the poster is using a big-name anti-virus application, such as McAfee, Norton/Symantec, AVG, etc. These programs intercept your email by using a "proxy" service on the local computer. Often, the proxy becomes corrupted, has its cache filled, or other malady. Sometimes the error message will list your server as "127.0.0.1". This IP number is your own computer.

Close down your email application, open the options to your anti-virus application, turn off the Inbound and Outbound mail scanning, and save. In some circumstances, you may need to reboot your computer after this.

Email "Certification:" While you are there, make sure you have disabled any option that adds a "certification" to your outbound messages. This is only an advertisement as there is no way the application can certify your message is "virus-free." Think about that. If you haven't updated your definitions for ... a week? ... and a new virus comes along, or if it is a zero-day virus, your application will not find it.

Scanning Inbound/Outbound: It is unnecessary to scan Incoming and Outgoing mail. As long as your anti-virus application's resident shield is running in the background, it will prevent you from executing a virus-laden attachment (that it knows about).

Even Symantec (Norton) agrees with this method:

“Even though email scanning is disabled, your computer is still protected from viruses. Norton AntiVirus Auto-Protect will scan email attachments when you save the attachment to the hard drive. After you disable email scanner, be sure that Auto-Protect is enabled, and then run LiveUpdate regularly to insure that Auto-Protect has been optimally configured. Auto-Protect provides real-time virus protection from any source, including the Internet, and will automatically scan email attachments whenever they are accessed.”
Norton Antivirus

For the Norton removal, do only up to Step 2.

There is similar work necessary for removing intrusive McAfee products. Go to the McAfee web site for details. Other details for McAfee available at: wikihow.com

Note that if any particular virus you receive in an attachment is not in your a-v application's database, it will not matter one way or the other if you scan. If you rely on your a-v application, you must keep its database current.

Here is another article stating Inbound and Outbound email scanning is unnecessary.

And here is a similar article from Microsoft!

[in part] “Now before you dismiss me as mad, let me explain why e-mail scanning is unnecessary. Almost every anti-virus program for Windows installs by default a system scan that runs in the background every time Windows starts. This scan is necessary to protect your [Windows] computer. If you receive a virus in an e-mail attachment, the virus cannot do anything at all until you actually open the attachment. more...”
Microsoft on scanning email

Further, practicing Safe Hex , you should never attempt to open an attachment anyhow. You should always save to disk, scan, and only then open it. Never open or execute an unsolicited attachment, and scan those you were expecting, even if from friends or coworkers. Oh, hopefully you are using a modern, secure email application.

Regarding Outbound scanning? All modern emailing viruses have their own internal SMTP engine, and do not attach viruses to emails you send.

Email Address Munging:

A subject that often comes up is "address munging" when posting to Usenet or other places - other than actual email, of course. It is well-known that spammers harvest target addresses from Usenet posts. Forthwith, here are a few guidelines to follow:

Never use someone's real domain name.
It is acceptable to use your ID in the part to the left of the @. Or not.
It is better to not use an ID that may be live at any ISP. Spammers routinely take an ID, and append all known good ISP domains to it.
If you absolutely need a real address to post on the Web, get a throwaway address at a free service, such as Gmail, Hotmail, Yahoo, and others.
And finally, never use someone's real domain name.

Someone posted: "Using something like me@invalid.net is a good choice for a munged e-mail address to avoid spam bots. This goes in the newsgroup client configuration settings." No, it is not a good choice:

"invalid.net" is owned by a person in Oregon, USA.
"invalid.com" is owned by a person in Sweden.
"invalid.org" is owned by a person in Colorado, USA.
The ever-popular bad munge of "nospam.com" is a registered domain name, apparently owned by a person in George Town, Grand Cayman Island. You never know...

It is best to munge with "example.com" or ".net" or ".org", as the domain "example" is reserved for the purpose. However, using "example.invalid" (the TLD of ".invalid") will prevent any respectable mail server from even attempting to relay a piece of mail to the address. It will just bin it.

Here is the RFC on "Reserved Top Level DNS Names":
http://rfc.net/rfc2606.html

Use this: no.name.here@example.invalid

Emailing many people:

When sending a "broadcast" email to a large number of people who don't know each other, put the addresses in the BCC: field (Blind Carbon Copy) instead of the TO: or CC: (regular Carbon Copy) fields. This will keep all the addresses off everyone's computer so that when one of them gets infected with the latest mass-mailing virus, we don't all get copies of it.

I do broadcast emailing for a club I belong to. Most of us know each other. However, in order to protect their privacy, to help keep their addresses from being harvested by spammers, and to prevent the mass-mailing viruses and worms mentioned on the Tips page, I put all the ~100 addresses in BCC:.

If you are emailing a small family group, or a small group of friends who all know each other, then using the TO: or CC: is fine.

If you are a person who forwards jokes, misguided hoaxes, and other stuff to everyone in your address book, it is highly recommended that you do this, using BCC:. Also be sure to strip out all the other addresses the guy/gal who sent it to you didn't remove. There is no point in penalizing all these people by making their addresses susceptible to receiving viruses and spam (because someone you send to has a zombied computer).

Should I compose email in HTML?

In this writer's opinion: Plain Text is for email, HTML is for web pages. There are several reasons for using just plain text.

Most spam and scam comes in HTML. Some people direct all HTML email to the bit bucket.
People using insecure email clients are subject to embedded scripting and malicious downloading. In HTML, you cannot see where a link is actually going to take you. Trust me, it is not to the Citibank web site.
HTML email messages are generally four times the size in bytes. In the broadband age, that might not seem like much, but remember that a lot of places in the world still use dialup connections. People who use Outlook/Outlook Express and "compose" in Microsoft Word will increase the message size tenfold!
Nearly all personal HTML email that I receive has absolutely no "fancy" formatting at all, and therefore no reason to use it. One person sends me email formatted as 20 or 24 point blue Comic Sans font. I have no idea why. An uncle sends me email using Incredimail <spit> with a "stationery" containing attachments of 32 Kilobytes of animated dancing elephants or other buffoonery.

From alt.computer.security, 30 April, 2008:

Using HTML in e-mail is like gluing flowers on your car's tires.

It looks pretty until you try to use it.

Some of the flowers (roses for example) have thorns and poke holes in the tires.

— Posted by "bz"

How Large a File Can I Send in One Email:

Answer: it depends.

Most email services allow up to 10 Megabytes as a maximum size of one email message. Due to the necessary character encoding, required to convert a binary file such as a photo or a movie, to a long string of characters (necessary for an email), you are limited to around 7 Megabytes as a maximum file size. There is an approximate 30% overhead in the character conversion.

Each email you send to a person will count toward their maximum server storage size. If their mail server is near the limit of their allowed size, your email would be rejected.

Consider the type of Internet connection they are using. A 10 MB email will take a very long time to download for someone using a slow dial-up connection. Always ask permission from your recipient before sending large files.

If you are sending from your ISP's own web-based email interface, this large email and attachment will likely be stored in your [Sent] folder, and will count towards your own maximum allotment.

An alternative to emailing large files is to use personal web spaces as storage "buckets". For example, at AT&T Worldnet, you can utilize up to 25 Megabytes of storage space per email ID. The "encoding" is not required in this case. You use an FTP client and send the full file. You upload your file to this space, and give only the URL of the file to the recipient.

Examples:
http://home.att.net/~your-email-id/yourpicturefilename.jpg
http://home.att.net/~your-email-id/yourmoviefilename.mov

FileZilla is a very good, free FTP client, and it is available in versions for all major operating systems. For Linux OSs, just look in your package manager.

The recipient can then download the file at their leisure, and you haven't tied up anyone's mailbox. Once you confirm they have downloaded the file, you would then delete it from your web spaces, using the FTP client again.