Glenda Keyworth wrote:

> Is there really any way an HTML email message could perform malicious actions
> through javascript, vbscript, or something like that, or can potentially harmful
> code (or just unwanted things like spyware) only be executed by opening and
> executing an attachment to an email message?

The web page at <http://testvirus.org/> is both a list of the many ways in which
malicious content can be encapsulated in email, and a tool for testing the
effectiveness of your own email virus filters.

--
Paul Russell
Senior Systems Administrator
University of Notre Dame