When you receive an email containing pictures from a new domain in Outlook you c

Question

When you receive an email containing pictures from a new domain in Outlook you can right-click on the address and "Mark this domain as trusted" which will autoload all the photos on future emails.

But the "from" field in an email is spoofable by anyone with a passing knowledge of programming. So my question is does Outlook actually scrutinize the headers and the email's origins? Or is it just setting a text filter for future "from" fields?

Under the latter case if I marked example.com as trusted then any future spam falsely claiming to be from example.com would screw me.

Explanation / Answer

An attacker can do far more than spoof the "from" field. If a mail server is mis-configured, it can be used as a mail relay. In this case a malicious email can be crafted and really be from the domain you trust.

That being said, Outlook is simply applying a filter. Even if it did analyze the headers, how would you handle emails from an organization with multiple email servers? You would have to apply a new filter for every server.

Also, for reasons stated above, it is never a good idea to let your email client load anything automatically.

Related Questions

Navigate

• Browse (All)
• Browse W
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.