I have just installed AVG Free Ver 7.5 and it is blocking my sending web
pages in the body of emails. I am running XP SP2 on my desktop and using
Outlook 2003 as my email client and IE 6 as my browser. With the browser
open and on a page I want to sent to someone, I pull down the Tools menu and
click on the top item which is email & news. I then click on 'Send Page' and
it opens a composition window with the web page in the body. If I then send
that to someone, AVG blocks the entire web page and the only thing that
comes through is AVG's message that the email has been scanned. I did not
have this problem with Norton.
Does anyone have a suggestion on how to fix the problem and still use
AVG and have it scan the email?

Howard M. Rensin wrote:

Were the answers you got in the other group you multi-posted to
unsatisfactory?

<quote>
Why You Don't Need Your Anti-Virus Program to Scan Your E-Mail
http://thundercloud.net/infoave/tuto...ning/index.htm
</quote>

--
-bts
-Motorcycles defy gravity; cars just suck

Howard M. Rensin wrote:


Seems like it does the right thing.


So you suggested the developers to add this annoyance?

Well, what exactly is your problem? It seems to work exactly as it should:
hinder horribly insecure applications being abused for unsuitable scenarios.

"Howard M. Rensin" <hrensin@gmail.com> wrote in
news:QoydnbkcS8nSqYvVnZ2dnUVZ_uadnZ2d@comcast.com:

E-mail should be plain text, not HTML. The behavior is correct.
If you want to send a web page to someone, send them the URL so they can
visit the page.

If you NEED to send HTML to someone, zip or compress it into a file and
rename the file so that it does NOT end in .zip (I rename mine ..piz)

The rename is because so many viruses have been sending zip files AND
Micro-soft [in their in-finite wisdom] made their mail client execute some
types of files, automatically, so that now, some ISPs filter out all mail
containing zip files as malicious.





--
bz

please pardon my infinite ignorance, the set-of-things-I-do-not-know is an
infinite set.

bz+csm@ch100-5.chem.lsu.edu remove ch100-5 to avoid spam trap

bz <bz+csm@ch100-5.chem.lsu.edu> wrote:

What's wrong with HTML emails without remote content? Why the
unnecessary inconvenience with ZIP files? I understand that in some
places (e.g. newsgroups) HTML mails are inappropriate, but why this
generalization?


Regards,
Ertugrul.


--
http://ertes.de/

Ertugrul =?UTF-8?B?U8O2eWxlbWV6?= <es@ertes.de> wrote in
news:fv7aq6$ta7$02$1@news.t-online.com:

Oh, here are a few of my reasons:

1) E-mail was originally designed to convey textual information, NOT html.
Information, not 'beauty' or 'cute'.

2) html enabled e-mail clients are executing programs that others have
sent you when they render html coded text.

3) it is practially impossible to 'foolproof' such rendering so as to
protect the viewer from all possible attacks.

4) embeded images in html can tell the sender 'an idiot
just opened the e-mail I sent them' so you just told the spammer that the
e-mail address is a good one. He can now sell it to other spammers.

5) html encoded stuff takes more bytes to transmit. Often lots more.

6) html can be coded so that the viewer sees one link while being sent to a
different place on the web.

7) Those that fight spam OFTEN use text only e-mail client in self defense.
I do.
8) Some discard ALL html encoded and graphic encoded incoming e-mail,
unviewed.


There are several other good reasons that I can't think of at the moment
but they are all related to 'microsoft thought it would be cool to make
messages pretty. They assumed a small offfice environment.' Since they
came up with that bright idea, many viruses have been spread that way.
They keep plugging holes in the dike, but there are more hole yet to be
discovered.

It (html via e-mail) was a bad idea to start with. It is STILL a bad idea.
Nothing I can think of will ever make it a good idea.

Of course, opinions are like noses, everyone has one.

--
bz

please pardon my infinite ignorance, the set-of-things-I-do-not-know is an
infinite set.

bz+csm@ch100-5.chem.lsu.edu remove ch100-5 to avoid spam trap

Ertugrul Söylemez wrote:
HTML may contain malicious script. Some people set their email clients
to view messages in plain text only.


jc

Ertugrul Söylemez wrote:


<!doctype stupid><html><head><meta name="foo"
content="bar"><title>baz</title></head><body><p>Nothing, it's very readible
if the receiver's client doesn't support HTML.</body></html>


Because there's no standard for it, neither de-jure nor de-facto? because
there is a standard to include some basic formatting (text/enriched)?
Because it's a waste or bandwidth? Because eMail isn't supposed to emit any
formatting? Because HTML is meant for hypertext, not formatted documents?

bz wrote:



Microsoft just copied what Netscape has started. Just that Microsoft's
pseudo-mail clients where really just intended for an isolated small office
environment, and later some stupid marketing fool decided to expose them to
the Internet.

I would not keep posting if I got a real response and not some smartass
comment. I have better things to do than keep asking the same question when
I get an answer and 'change email scanners' is not an answer to an AVG
problem.

"Beauregard T. Shagnasty" <a.nony.mous@example.invalid> wrote in message
news:4816433b$0$7039$4c368faf@roadrunner.com...

Howard M. Rensin wrote:


It is. May I summarize your problems? Abusing Outlook Express as a mail
client and newsreader, an installed virus scanner, and then even having it
interfere with the submission of emails, those are damn serious problems all
resulting in thing not working as intended and being impossible to diagnose.
Solve these problems first and then look if the issues still persist!

How am I supposed to scan my email, if I turn off the scanner?
"Jim Watt" <jimwatt@aol.no_way> wrote in message
news:1use145fhngn0mpo9m5gmmg731do16f3jk@4ax.com...

Howard M. Rensin wrote:
[Top-posting corrected]

As long as you leave the resident scanner running in the background, it
will prevent you from saving, or executing, any viruses you receive in
an email (so long as your definitions are up to date).

The links you were given explain why.

--
-bts
-Friends don't let friends drive Windows

"Sebastian G." <seppi@seppig.de> wrote:

That's why usually there is also a text/plain part. Even the
mail-readers from the Outlook family generate it, so simpler readers can
display them (though the formatting is a mess).


MIME is a standard. It allows multipart-emails. HTML is also a
standard. Together with a standard MIME type name for HTML, that makes
HTML mails completely standardized. It's left to mail-readers how they
interpret the non-text/plain parts. Feel free to use a client, which
displays the text/plain parts only.


A waste of bandwidth? A few kilobytes per person per day? In the times
of home ADSL and gigabit backbone links? Demanding CR/LF instead of
sole LF for telnet-like protocols (including HTTP) must be a waste also.
All text-based protocols, in fact, must be a waste in your view.

You want to know, what _really_ is a waste today? Two people from the
same local subnet listening to the same internet radio station -- that
_is_ a waste of traffic. Not to mention botnets. And the internet
handles even that very well.

But no, MP3 streams via HTTP must be a waste anyway, just like graphics
on web pages and all the other fancy stuff. Back to the roots! \o/


Oh yeah, everything that was made up in the 70s and 80s was ultimate.
There is no reason for inventions. In fact, we don't even need X11 or
OpenGL. Back to phosphor terminals! \o/


Maybe HTML 1.0 was. Today, hypertext is one of many features of HTML.


Regards,
Ertugrul.


--
http://ertes.de/

bz <bz+csm@ch100-5.chem.lsu.edu> wrote:

I've made a statement to most of these in my reply to Sebastian, so you
may want to have a look at <fv9cqq$7e8$02$1@news.t-online.com>, too.


Formatting is not meant to make information beautiful or cute.


Odd, mine doesn't. Maybe I misconfigured it?


HTML is much more complex than plain-text, yes. Still, we have very
good SGML and XML parsers, which are well tested and seldomly fail in a
way that can be exploited. Reinventing the wheel is a bad idea in this
place, so you would just use one of these parsers.

BTW, if it would be that bad, web browsers would be much more hazardous
to use. Consider that a mail-reader would only need a small subset of
the possible HTML extensions, e.g. it doesn't need stuff like JavaScript
and you may even decide to disregard things like CSS).


Read the first sentence of my last reply again.


How? Remember, we ignore JavaScript for mails, and the destination
address is shown in the status bar.


That's okay. I do, too. Though I have an HTML plugin loaded, it
displays the plaintext parts by default, and displays nothing it there
is no plaintext part. I have to specifically select the HTML part, if I
want to view it.

Reason: Some HTML-enabled mail-readers format their plaintext parts
that horribly, that the HTML part is just much more readable. Products
from the Outlook family are one example.


Those people don't do serious business. 90% of my incoming business
emails have an HTML part.


They were the first to use the MIME and HTML standards in that way. How
they did it was rather abusive, but we shouldn't demonize a technology
just because one damn company misimplemented it.


People like you said similar things when color TVs, CRT monitors (as
opposed to phosphor), LCD monitors (as opposed to CRT), graphics cards,
OpenGL, fancy user interfaces, mice, 32-bit processors and other things
came out. They are more complex and so more likely to fail, and we
would never really need them.

It's a matter of taste. Feel free to tell us your opinion, but remember
that your opinion is based on the state of things, not the other way
round.


That sounds like you'd like it to be different.


Regards,
Ertugrul.


--
http://ertes.de/

Ertugrul =?UTF-8?B?U8O2eWxlbWV6?= <es@ertes.de> wrote in news:fv9f6g$io9$03
$1@news.t-online.com:

What is it meant for?

Maybe you and I disagree a bit on what is meant by 'executing programs'.
And maybe you and I see different sides of the problem. You seem concerned
with protecting YOUR computer.

I, on the other hand, clean computers for people after they have been
infected due to clueless use.

'Seldom' is too often.

I see people spend hundreds of hours making their HTML 'look right' on
their screen. They don't realize that the format and display is platform
and browser dependent. Even when it is explained to them, they still don't
'get it' on a deep level and STILL try to make it 'look right' on their
screen. They don't 'get it' until I show them how it looks on another
computer.

Using HTML in e-mail is like gluing flowers on your car's tires.

It looks pretty until your try to use it.

Some of the flowers (roses for example) have thorns and poke holes in the
tires.

They are much more hazardous than you imagine. I see infected machines
every day, usually infected by browsing or reading e-mails.


And do these things come 'turned off' by default?

I turn off all html rendering AND do not 'preview'. Not only that, but any
suspicious e-mail I 'view source' rather than opening.

And I use thunderbird. But the users in my department use Outlook and
Outlook express. Their machines get infected.

When I want to open a suspicious e-mail, I open it on a 'sandbox' machine
running under VMware or boot from a KNOPPIX cd.

Your responsibility seems limited to your machines.

You have a mouse in your pocket? Who is 'we'.
How would you get 40,000 students and 3,000 faculty/staff to 'practice safe
hex'?

That feature can be disabled. It can also be fooled and you seem to assume
that the user LOOKS at the status bar before they click on the link.
I'll bet that even YOU have 'clicked first', sometime.

You assume that all HTML rendering is good and readable. I was just looking
at a web page where text was overlaying other text.

Microsoft's fault.


What you call 'serious business', some others might consider to be chicken
feed.

If you handle your 'serious business' via e-mail, you have a problem.

E-mail never has been and never will be reliable. E-mails get lost.

That is why 'serious companies' do not allow the use of e-mail for 'serious
business'. It IS useful for some things but if you want to make sure your
message gets through, talk to them on the telephone, confirm via fax. Check
via e-mail to make sure the fax got through ok.

90% of my incoming spam has HTML. Eliminating HTML eliminates 90% of the
spam.

I don't demonize it 'just because....'
I 'demonize it' because it was a bad idea and has yet to be implemented
properly.
And because Microsoft continues to mis-implement it!

I have been playing with computers since 1964 and electronics longer than
that.
I have fixed those TVs etc for a living, done board repair on computers for
a living, programmed for a living.

I like 'new and improved' when it is really improved.

You ASKED. I answered.

There are many things I would like to see improved.



--
bz

please pardon my infinite ignorance, the set-of-things-I-do-not-know is an
infinite set.

bz+csm@ch100-5.chem.lsu.edu remove ch100-5 to avoid spam trap

Howard M. Rensin wrote:


Not at all?

Ertugrul Söylemez wrote:


usually = not quite often?

What about MIME? There the plain/text part you get just reads "This is a
multipart MIME message".



No. It makes HTML files as attachments standardized.


Would you please think of the children^W dial-up users?


No. Actually I think the CR/LF interpretation is the correct one, and HTTP
is supposed to be human-readable on pure terminals.


Well, it's not like my systems would deny the usage of multicast. You have
to blame my ISP.


Stupid. If you want a protocol for formatted documents, then either propose
a standard extension to eMail or a completely new protocol.


Hypertext is the primary feature of HTML, even today.

"Sebastian G." <seppi@seppig.de> wrote:

I can't confirm that.


No, that's the prolog of the MIME message, before the first part stats,
so that non-MIME-compliant mail-readers show the fact to the user.


MIME doesn't have an 'attachment' concept. A MIME message is made up of
parts, none of which are 'main', 'primary' or 'attached'.


The difference is neglible for them. Even if a 33.6 kbit/s dial-up user
receives 50 mails a day, the time difference (for the whole day) will be
about 30 seconds, assuming that the HTML parts are 4 KB in average,
which is pretty exaggerated.


And Unix thinks, LF is the correct one. Who cares? CR/LF is a waste of
bandwidth.


That would be MIME.


Even then HTML also features direct formatting (through tags and
attributes, the 'wrong' way) and indirect formatting (through markup,
the 'right' way). And IMO there is nothing wrong with providing
hypertext capabilities to mail-readers. But that's just my opinion.


Regards,
Ertugrul.


--
http://ertes.de/

Ertugrul =?UTF-8?B?U8O2eWxlbWV6?= <es@ertes.de> wrote in news:fv9t16$om0$00$1
@news.t-online.com:

I suggest you study the SMTP protocol such as RFC2821.
It starts with a 'MAIL FROM:', 'RCPT TO:' and then comes the 'DATA <CRLF>'

ALL of the message, including the 'header' that you see (except for the most
recent section) are part of the
'DATA' section of the message.

There are no separate 'attachments'. It is all part of the DATA.

caviat: some mail gateways limit the size of a single message to about 25
k bytes. This means that larger messages are actually transmitted as a
string of messages that get reassembled by the receiving SMTP mail server.
It also means that that 1 MB HTML formatted message with graphics gets
encoded [8 bit binary takes 2 bytes] and then broken up into about 80
separate e-mail messages.

--
bz

please pardon my infinite ignorance, the set-of-things-I-do-not-know is an
infinite set.

bz+csm@ch100-5.chem.lsu.edu remove ch100-5 to avoid spam trap