E Mail

Content

1. Overview
2. Spam email
3. Mozilla
4. Microsoft
5. Novell GroupWise 2018 WebAccess Client

1. Overview

This document presents security-relevant settings for various email programmes. The email programmes that are used on computers at Fulda University of Applied Sciences must be configured accordingly. If a computer at Fulda University of Applied Sciences uses an email programme that is not included in this document, the corresponding settings must be made in that programme in the same way, and the name of the programme must be communicated to the IT Security Officer of the university.

An email should only ever be sent as normal text, as HTML code may contain malicious functions that compromise the computer. Never click on HTML or Office documents in attachments if the email does not originate from a trustworthy source. If you want to send formatted text, you should send it as an attachment and explicitly refer to this attachment in your email.

Remember that the sender addresses of emails can be forged and that malware emails are becoming increasingly sophisticated. They are already very often sent in good German or English and have a sender address that is known to the recipient. There are now even more sophisticated forgeries that reply to e-mails that were actually once sent to the forged sender. This is made possible by the fact that e-mails are read on infected computers and at least partially transmitted to criminals, so that they obtain information about the sender, recipient, subject and possibly even the message itself and can use it for their malware email. In this way, the acquaintances of the first victim can then be attacked, as the malware email is very credible as a reply to an email of their own.

If possible, never click on links in e-mails, as the displayed, trustworthy-looking text may conceal a completely different address (for example “https://…/download/malware.exe” instead of “https://…/download/bericht.pdf”). Attempts are now also being made to send malware as an encrypted ZIP archive, for example, for which the decryption password is provided in the email. In this way, an anti-virus programme cannot detect the malware in the attachment of the email, while the recipient can open the archive and execute the malware (the anti-virus programme may still be able to prevent the malware from being executed).
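The mismatch between the displayed link text and the real target described above can be checked mechanically in an HTML message body. The following Python code is an added example, not part of the original document; the function names and the sample body with its placeholder hosts are assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit


class AnchorCollector(HTMLParser):
    """Collects (href, visible text) for every <a> element in an HTML body."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.anchors = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.anchors.append((self._href, "".join(self._text).strip()))
            self._href = None


def normalise(url):
    """Reduce a URL to (host, path) so that trivial differences are ignored."""
    if url.lower().startswith("www."):
        url = "https://" + url
    try:
        parts = urlsplit(url)
        return (parts.hostname or "").lower(), parts.path.rstrip("/")
    except ValueError:  # malformed URL: keep it distinct from any real one
        return "", url


def find_misleading_links(html_body):
    """Return links whose visible text is a URL that differs from the target."""
    collector = AnchorCollector()
    collector.feed(html_body)
    collector.close()
    findings = []
    for href, text in collector.anchors:
        if not text.lower().startswith(("http://", "https://", "www.")):
            continue  # descriptive link text makes no claim about the address
        if normalise(text) != normalise(href):
            findings.append({"shown": text, "target": href})
    return findings


# Constructed sample body; example.org and example.net are placeholder hosts.
SAMPLE_HTML = """
<p><a href="https://files.example.org/download/malware.exe">https://files.example.org/download/bericht.pdf</a></p>
<p><a href="https://www.example.org/news/">https://www.example.org/news</a></p>
<p><a href="https://login.example.net/">www.example.org</a></p>
<p><a href="https://www.example.org/help">Help pages</a></p>
"""

if __name__ == "__main__":
    for finding in find_misleading_links(SAMPLE_HTML):
        print("shown:", finding["shown"], "-> opens:", finding["target"])
```

Links with descriptive text (such as “Help pages”) are not flagged by this check, so the address shown in the status bar still has to be read before clicking.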

Check links in emails very carefully before clicking on them, if clicking on the link is absolutely necessary (as a rule, the address is displayed in the lower status bar of the email client when you move the mouse pointer over the link). Check the file type of an attachment and never click on executable files (.exe, .bat, .com, .msi, …). Prohibit macros in Office documents (Office_Macros_deactivate.pdf) and do not allow them under any circumstances if an Office document received as an attachment requires it. If you are unsure, ask the sender of the email by telephone whether they have sent you the message with the attachments before you use an attachment or click on a link.

Be particularly careful if you receive files with the following file name extensions in an email attachment, as such files may contain malware.

| File type | File name extension |
| --- | --- |
| Macro-enabled Microsoft Word documents or templates up to Word 2003 | .doc, .dot |
| Macro-enabled Microsoft Word documents or templates from Word 2007 | .docm, .dotm |
| Macro-enabled Microsoft Excel workbooks, extension modules (add-in) or templates up to Excel 2003 | .xls, .xla, .xlt |
| Macro-enabled Microsoft Excel workbooks, binary workbooks, extension modules (add-in) or templates from Excel 2007 | .xlsm, .xlsb, .xlam, .xltm |
| Macro-enabled Microsoft PowerPoint presentations, extension modules (add-in) or templates up to PowerPoint 2003 | .ppt, .ppa, .pot |
| Macro-enabled Microsoft PowerPoint presentations, screen presentations, slides, extension modules (add-in) or templates from PowerPoint 2007 | .pptm, .ppsm, .sldm, .ppam, .potm |
| Executable programmes | .com, .exe, .msc, .msi, .mst, .scr |
| Executable script files | .bat, .cmd, .js, .jse, .ps1, .vba, .vbe, .vbs, .ws, .wsf, .wsh |
| Shortcuts | .lnk |
| Control Panel programs, Windows jobs, ActiveX controls, registry entries, system device drivers, Microsoft compiled/compressed HTML help files, Microsoft HTML applications, program information files, shell command files | .cpl, .job, .ocx, .reg, .sys, .chm, .hta, .pif, .scf |
| (Encrypted) archives (especially if you are given the password to open the archive in the email) | .zip, .jar, .cab, .gz, .7z, .tgz |
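The table can be applied automatically to the attachments of a received message. The following Python code is an added example, not part of the original document: it classifies each attachment by its last file name extension and marks ZIP archives whose entries carry the encryption flag; the function names, group labels and the constructed sample message are assumptions.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Extension groups copied from the table above; the group labels are shortened.
RISKY_EXTENSIONS = {
    "macro-capable Office file": {
        ".doc", ".dot", ".docm", ".dotm", ".xls", ".xla", ".xlt", ".xlsm",
        ".xlsb", ".xlam", ".xltm", ".ppt", ".ppa", ".pot", ".pptm", ".ppsm",
        ".sldm", ".ppam", ".potm"},
    "executable programme": {".com", ".exe", ".msc", ".msi", ".mst", ".scr"},
    "script file": {".bat", ".cmd", ".js", ".jse", ".ps1", ".vba", ".vbe",
                    ".vbs", ".ws", ".wsf", ".wsh"},
    "shortcut": {".lnk"},
    "system or help file": {".cpl", ".job", ".ocx", ".reg", ".sys", ".chm",
                            ".hta", ".pif", ".scf"},
    "archive": {".zip", ".jar", ".cab", ".gz", ".7z", ".tgz"},
}

def classify(filename):
    """Return the risk group of the LAST extension, or None (a.pdf.exe -> .exe)."""
    suffix = PurePosixPath(filename.strip().lower()).suffix
    for label, extensions in RISKY_EXTENSIONS.items():
        if suffix in extensions:
            return label
    return None

def zip_is_encrypted(data):
    """True if any ZIP entry has bit 0 (encrypted) of its general flags set."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as archive:
            return any(info.flag_bits & 0x1 for info in archive.infolist())
    except zipfile.BadZipFile:  # not a ZIP container (.gz, .7z, ...)
        return False

def triage(raw_message):
    """List (filename, finding) for every attachment that needs extra care."""
    message = message_from_bytes(raw_message, policy=policy.default)
    report = []
    for part in message.iter_attachments():
        name = part.get_filename() or ""
        label = classify(name)
        if label == "archive" and zip_is_encrypted(part.get_payload(decode=True)):
            label = "encrypted archive"
        if label:
            report.append((name, label))
    return report

def build_sample():
    """Constructed test message; the ZIP is only flagged as encrypted."""
    buffer = io.BytesIO()
    with zipfile.ZipFile(buffer, "w") as archive:
        archive.writestr("notes.txt", "constructed sample")
    data = bytearray(buffer.getvalue())
    data[data.find(b"PK\x01\x02") + 8] |= 0x01  # flag bit, central directory
    message = EmailMessage()
    message.set_content("The password for the archive is in this email.")
    for payload, name in ((bytes(data), "documents.zip"), (b"x", "report.pdf.exe"),
                          (b"x", "agenda.pdf"), (b"x", "Budget.XLSM")):
        message.add_attachment(payload, maintype="application",
                               subtype="octet-stream", filename=name)
    return message.as_bytes()

if __name__ == "__main__":
    for name, finding in triage(build_sample()):
        print(f"{name}: {finding}")
```

Only ZIP-based containers are inspected for the encryption flag; other archive types from the table are reported simply as archives.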

You should configure Windows in such a way that file name extensions are also displayed in the file manager (Windows Explorer); they are not displayed by default. Right-click on the Windows icon in the bottom left-hand corner of the screen, select the entry Search, enter the value Explorer options in the search field and then click on the entry Explorer Options Control Panel. In the new window, select the View tab and uncheck the entry Hide extensions for known file types. Then click on Apply and then on OK.

Some email programmes allow you to request automatic confirmations for the receipt of the email. This feature can be misused for spam e-mail, as the sender of the email then knows that the address is still in use and is ideally suited for spam e-mail. This mechanism should therefore be switched off. If you want to allow confirmations for the receipt of a message, you should in any case make sure that you are asked before the confirmation is sent.

Never save passwords in programmes or files because it is more convenient than entering the password each time. As malware can find and collect passwords stored in plain text, you invite all potential “hackers” to misuse your user ID. Security is increased if you protect all stored passwords with a master password. However, the encrypted passwords can also be collected and possibly “cracked” by trial and error on powerful computers.

Session logs are stored in cookies, which are not required for email. For this reason, this service should be switched off for mail & news groups. Cookies can also be misused to create a profile of the user, which can then be used for targeted spam e-mails.

Since an email should only contain normal text, JavaScript and plugins for emails should be switched off for security reasons. If you need active elements, you should send them as an attachment in a file and explicitly refer to the attachment.

**Never open the attachment of an email before you have checked it for viruses, worms, Trojans, …**

In the settings instructions from chapter 3 onwards, “Edit > … > …” means that you start with the corresponding entry in the menu bar at the top of the programme window (e.g. “Edit” or “Extras”) and then continue with an entry in the menu, a tab or another element that has the corresponding label.

2. Spam e-mail

You can find a good overview of this topic at Wikipedia, for example. At Fulda University of Applied Sciences, spam e-mails are filtered by a spam filter using the keyword “” in the “Subject:” field. In very rare cases, a normal email may be classified as spam. You should note the following for spam e-mail:

  1. Do not allow any (automatic) confirmations, so that your email address is not “reported” to the sender as an active email address and you do not receive more spam e-mail afterwards.

  2. Delete the email without reading or replying to it.

  3. Do not click on any attachments from spam e-mail.

  4. Do not under any circumstances click on any web addresses in the spam e-mail that you can supposedly use to avoid such e-mails in the future, as this will only “register” an active e-mail address and you will receive even more spam e-mails in the near future.

  5. Never use your e-mail address for competitions or similar, as this may result in you receiving spam e-mails. Set up a free e-mail address with any provider for such things, which you can then delete.

  6. Disguise your email address on your web pages, so that it is not found by search programmes and then added to spam address lists.

3. Mozilla

3.1. Thunderbird 91.x

Thunderbird wants to save large attachments on a cloud storage server on the Internet and only specify the address of the file in the email. This means that very large files can be sent by email without any problems, but you have no influence on what happens to the file on the server (duration of storage, data protection, etc.).

You can right-click in the “title bar” (the background at the top next to the “Tab”) and select “Menu bar” to get the “old” display, in which you then click on “Extras > Settings” in the menu bar. Alternatively, you can click on the icon with the three horizontal lines in the top right corner and then click on “Settings”. The following selection instructions require an open settings window. The following settings should be made:

  1. Select “General” on the left-hand side.
  • On the right-hand side, at the end of the “Read & View” section under “Define the handling of acknowledgements of receipt (MDN) in Thunderbird”, click on “Receipt notifications…” and then select “Never send a confirmation of receipt”.

  • On the right-hand side, in the “Thunderbird updates” section, “Allow Thunderbird to install updates automatically (recommended: increased security)” should be selected.

  2. Select “Compose” on the left-hand side.
  • On the right-hand side, in the “HTML options” section, under “Behaviour when sending HTML messages:” click on “Sending options…” and then, in the “Text format” section, select the action “Send messages as plain text if possible”. For “When sending messages in HTML format to recipients who cannot or do not want to receive HTML:” select the entry “Convert messages to plain text”.

  • On the right-hand side, in the “Attachments” section, the tick next to “Offer upload for files larger than xx MB” should be removed.

  3. Select “Data protection & security” on the left-hand side.
  • On the right-hand side, in the “Email content” section, the tick in front of “Allow external content in ” should be missing or removed.

  • On the right-hand side, in the “Web content” section, the following settings should be made.

    • The ticks in front of “Remember visited websites and links” and “Accept cookies from websites” should be missing or removed.

    • “Send websites a “Do Not Track” message that your online activities should not be tracked” should be ticked or set.

  • On the right-hand side, in the “Passwords” section, all saved passwords can be deleted via “Saved Passwords…”. Passwords should never be saved.

  • On the right-hand side, in the “Data collection by Thunderbird and its use” section, the following settings should be made.

    • The tick in front of “Allow Thunderbird to send data on technical details and interactions to Mozilla” should be missing or removed.

    • The tick in front of “Automatically send unsent crash reports by Thunderbird” should be missing or removed.

  • On the right-hand side, in the “Security” section, the following settings should be made.

    • “Check messages for fraud attempts (phishing)” should be ticked or set.

    • “Enable antivirus software, quarantine incoming messages.” should be ticked or set.

    • “Confirm current validity of certificates by querying the OCSP server” must be ticked or set.

  4. Click again on the icon with the three horizontal lines in the top right-hand corner and then click on “Account settings”, or click directly on “Account settings” at the top right of the main window. Alternatively, you can also click “Extras > Account settings” if you have activated the menu bar.
  • Select “Server settings” on the left-hand side.

    • In the “Security and authentication” section, under “Connection security:”, the item “SSL/TLS” should be selected.

    • Under “Authentication method:”, the item “Password, normal” should be selected.

  • Select “Compose & Addressing” on the left-hand side.

    Remove the tick in front of “Compose messages in HTML format”.

  • Select “Outgoing mail server (SMTP)” on the left-hand side. Then click once on the mail server in the right-hand window and select “Edit…”.

    • Under “Connection security:”, the item “STARTTLS” should be selected.

    • Under “Authentication method:”, the item “Password, normal” should be selected.

4. Microsoft

4.1. Outlook 2010 to 2013

After the settings window has been opened with “File > Options”, the following settings should be made:

  1. Select “E-mail”.
  • In the “Compose messages” section, in the line “Compose message in this format:”, select the entry “Text only”.

  • In the “History” section (further down), in the subsection “For each message that contains the request for a read receipt”, the line “Never send a read receipt” should be selected.

  2. Select “People” (“Contacts” in Outlook 2010).

    In the “Online status and photos” section, the ticks in front of “Show user photos if available (…)” and in front of “Only show names in contact popup (…)” (missing in Outlook 2010) should be missing or removed.

  3. Select “Advanced”.

    In the “More” section, the tick in front of “Allow sent emails to be analysed to identify people with whom you correspond frequently, … and upload this information to the SharePoint standard server” should be missing or removed.

  4. Select “Security Centre > Settings for the Security Centre…” or “Trust Centre > Settings for the Trust Centre…”.
  • Select “Email security” on the left-hand side.

    • In the “Read as plain text” section, “Read standard messages in plain text format” should be ticked or set.

    • In the “Script in folders” section, “Allow script in shared folders” and “Allow script in public folders” must not be ticked.

  • Select “Automatic download” on the left-hand side.

    • “Do not download images in HTML messages or RSS elements automatically” should be ticked or set.

    • The ticks for the four items “Download …” should be missing or removed, as sender addresses can be forged.

    • “Show warning before …” should be ticked or set.

  5. In “Start”, click on the small down arrow to the right of the icon for “Junk e-mail” (last icon in the “Delete” column). In the window that opens, select “Junk e-mail options…”. In the new window, select the “Options” tab.
  • If necessary, select what should be done with spam/junk e-mail.

  • “Disable hyperlinks and other functions in phishing messages (recommended)” should be ticked or set (it is only displayed faintly in Outlook 2013, so that no tick could be set).

  • “Warn for suspicious domain names in e-mail addresses (recommended)” should be ticked or set (it is only displayed faintly in Outlook 2013, so that no tick could be set).

4.2. Outlook 2016, 2019 and 365

Office 2016 products are generally updated automatically via Windows Update. For Office 2019 and 365, the update must be initiated via an Office programme. For example, start Outlook 2019 or Outlook 365 and then select “File > Office account”. You should see “Updates are downloaded and installed automatically” on the right-hand side. If you click on “Update options”, you can force a check and, if necessary, an update by clicking on “Update now”.

After the settings window has been opened with “File > Options”, the following settings should be made:

  1. Select “General” (only required for Office 2019 and Office 365).
  • In the “LinkedIn functions” section (at the end on the right-hand side), the tick in front of “Activate LinkedIn functions in my Office applications” should be missing or removed.

  2. Select “Email”.
  • In the “Compose messages” section, in the line “Compose message in this format:”, select the entry “Text only”.

  • In the “History” section (further down), in the subsection “For each message that contains the request for a read receipt”, the line “Never send a read receipt” should be selected.

  • In the “Message format” section, for “When sending messages in rich text format to internal recipients”, the value “Convert to plain text format” should be selected.

  3. Select “People”.

    In the “Online status and photos” section, the ticks in front of “Show user photos if available (…)” and “Only show names in the contact pop-up (…)” should be missing or removed.

  4. Select “Advanced”.

    In the “Other” section, the tick in front of “Allow sent emails to be analysed to identify people with whom you correspond frequently, … and upload this information to the SharePoint standard server” should be missing or removed.

  5. Select “Trust Centre” and then “Settings for the Trust Centre…” on the right.
  • Select “Privacy options” on the left-hand side.

    • **Outlook 2016:**

      • The tick in front of “Send personal information to Microsoft to help improve Office” should be missing or removed.

      • The tick in front of “Allow Office connections with Microsoft’s online services, …” should be missing or removed.

    • **Outlook 2019 and 365:** Select “Privacy settings…” on the right. The tick in front of “Enable optional connected experiences” should be missing or removed.

  • Select “Email security” on the left-hand side.

    • In the “Read as plain text” section, “Read standard messages in plain text format” and “Read digitally signed messages in plain text format” should be ticked or set.

    • In the “Script in folders” section, “Allow script in shared folders” and “Allow script in public folders” must not be ticked.

  • Select “Automatic download” on the left-hand side.

    • “Do not download images in standard HTML emails or RSS elements automatically” should be ticked or set.

    • The ticks for the four items “Downloads …” should be missing or removed, as sender addresses can be forged.

    • “Show warning before …” should be ticked or set.

    • “Do not download images in encrypted or signed HTML emails” should be ticked or set.

  • Select “Macro settings” on the left-hand side.

    • “Deactivate all macros without notification” must be selected.

  6. Select “Start” in the title bar of the window.
  • **Outlook 2016:** In the third column, click on the last entry “Junk e-mail”.

  • **Outlook 2019:** In the third column, click on the icon for “Junk email”.

  • **Outlook 365:** Click on the three dots (“More commands”) at the end of the title bar and then on the entry “Junk e-mail”.

    Select the entry “Junk email options…” and then select the “Options” tab in the new window.

  • If necessary, select what should be done with spam/junk e-mail.

  • “Disable hyperlinks and other functions in phishing messages (recommended)” should be ticked or set (it may only be displayed faintly, so that no tick can be set).

  • “Warn for suspicious domain names in e-mail addresses (recommended)” should be ticked or set (it may only be displayed faintly, so that no tick can be set).

5. Novell GroupWise 2018 WebAccess Client

Select “Tools” from the menu bar and then select the entry “Options…”. The following settings should be made:

  1. Double-click on “Environment”.
  • Select the “Layouts” tab.

    “Default layout & font when creating” and “Default layout & font when reading” should be set to “Plain text”.

  • Select the “Standard actions” tab.

    In the “External HTML images:” and “HTML scripts:” sections, the radio button in front of “Always display warning” should be selected.

  • Select the “Design” tab.

    If necessary, tick the box next to “Show flash preview” if you want to read the message immediately.

  2. Double-click on “Send” and then select the “Mail” tab.

    In the fields of the “Confirmation of receipt” section, the value “None” should be selected.
