AquaMail Forum
English - Android => How do I... => Topic started by: KieSeyHow on August 14, 2015, 09:55:25 am
-
I have searched all around AquaMail, but I cannot find how to switch HTML or richtext messages to plaintext. Some of the forums I use only send a few words in the html, or rich text, part of an email, but the full content in plaintext part. I need to view messages as plain-text, or as all massage parts, to copy or quote comments when replying. LinkedIn is especially bad for this, as they have no way to track posts or zero in on comments unless you suscribe to a conversation, then use plaintext in your email client to manage and search for content.
I normally use Thunderbird "view all message parts" option for this on my desktop, but wish to use my tablet for all communications and not be tied to the desk. I tried every email app on the Google Play Store and it seems that this basic option of switching from html, or rich text, view to plaintext is missing from ALL mobile email clients! I found AquaMail during this search, and it IS by far the best and most complete email mobile client available!
Plaintext view is also critical for security, seeing as there are no hover link possibilities with most touchscreen devices to verify URLs before clicking them in messages.
Please, could you add 'view as plaintext' to the message view menu? Even better would be a 'View all message parts' option, similar to the view all headers. This is a critical feature for secuity in an email client.
I am very impressed how complete AquaMail is for a mobile email client. Many of the features, just don't normally show up in mobile apps. AquaMail is actually setting the bar for mobile email features!
Also, could you add RSS support? That would be awesome indeed!
Sorry for posting this here as it is more of a feature request, but the feature request section seems to be locked from starting new topics.
Sent from my SM-P900 using Tapatalk
-
The feature request section is closed, that's correct:
-
The feature request section is closed, that's correct:
Thanks Mike. I did not see that using Tapatalk, it does not show everything...
Sent from my SM-P900 using Tapatalk
-
On several occasions, I was thinking that the "RAW" (or "source") message view (and "view parts") -- as implemented, say in pine/alpine would be useful. I didn't suggest that because I thought it would be very seldom used feature - and only by me...
Well, it sounds like there are other people who have similar needs.
And to avoid any ambiguities:
From what I understand, the "plaintext" ("text-only") view is not the same as the "source" view, - rather what kieseyhow wants is to see the text-only part in the text+HTML messages. But the rational behind this is similar.
Is this a priority among many "nice-to-have" features? That's Kostya's call. I am just adding my +1 voice.
-
Yes, "view source" is not the same as "prefer the plain text part".
However...
Mail apps always (or almost always) give priority to HTML content when both are available (except, I suppose, "mutt", "pine", and others of that type... which I don't have any experience with).
Web mail systems do that too.
So with that in mind, if these messages have defective HTML content, then what does whatever service is sending these (Linkedin?) expect their users to do?
Do they expect everyone to discover "view message source" in whatever mail app they're using? If it's there at all?
How do they expect anyone to even know that something is missing?
To me, that's something that should be fixed in the messages, on the sending side, esp. if this is some sort of automated system.
-
Oh, about RSS -- don't feel like I can take on another project, or go wandering towards far-away pastures (however green they may appear from below) within this one.
-
Yes, "view source" is not the same as "prefer the plain text part".
However...
Mail apps always (or almost always) give priority to HTML content when both are available (except, I suppose, "mutt", "pine", and others of that type... which I don't have any experience with).
Web mail systems do that too.
So with that in mind, if these messages have defective HTML content, then what does whatever service is sending these (Linkedin?) expect their users to do?
Do they expect everyone to discover "view message source" in whatever mail app they're using? If it's there at all?
How do they expect anyone to even know that something is missing?
To me, that's something that should be fixed in the messages, on the sending side, esp. if this is some sort of automated system.
Yes, most people, especially casual computer users, are not even aware the full message content is often available in the plaintext portion of the message.
Plaintext arises from most email clients needing the ability to strip out formatting, for efficiency, display (old clients, terminals, etc etc), news group compatibility, and security. This was a standard feature on all classic email clients, and news readers. However, it is not possible for formatting, tracking, and any sort of obfuscation of URLS and so modern mail clients seemed to have dropped the feature for catering to marketing pressure and tracking. But, as android users know, since we have no mouse cursor, there is no "hover" capability in clients. It is virtually impossible for inexperienced users to know if their emails are phishing attempts, malware, contain hidden scripts or white text, until it is too late and they have inadvertently clicked something.
Plaintext is actually a separate section of the same message, and some messages have both, some only one. Most email clients generate both parts when the message is sent, but it is posoble to have different content in each part, as marketing emails often have. Many phishing mails have nothing suspicious in the plain text part, and dangerous parts only in the richtext section, to try and fool SPAM filters and fool people who cannot see the html part anyhow into whitelisting the address. Some email clients show three parts, html, stripped html (content with code removed), and plaintext.
It is imperative that links are revealed as to the actual URL for security reasons, but most companies ignore this need.
Sent from my SM-P900 using Tapatalk
-
Oh, about RSS -- don't feel like I can take on another project, or go wandering towards far-away pastures (however green they may appear from below) within this one.
Yes, I understand. I will look for a RSS reader. My Thunderbird client has about 20 RSS feeds comprising about 120,000 messages across 8 servers. It is yet another standard that many modern Internet users are just not aware of, like IRC, uuencode, and plaintext. These are older far more efficient and often useful standards that were necessary in the old days of limited bandwidth.
I came across another post about someone complaining about no options for in-line images, well it is actually possible to embed executables, and scripts in-line as well (base64, b64, uue, xxe text blocks) and they can waltze right through the filters in some Android email clients, that was called uuencode before https://en.m.wikipedia.org/wiki/Uuencoding
View as plaintext stops these embedded text blocks cold. All uuencode parts suddenly appear as attachments when the client switches to plaintext view. This was also used to embed printer and modem control codes, or telecommunication response codes back in the day, and can be a severe security threat. In the old days of text only telecommunications, this was the only method available to transmit binaries through analogue modems, by converting everything to text first. Many rendering engines will readily accept and display uuencode binaries and the user has no control. MHT Web archives use uuencode for example to compress entire pages, css, images, scripts, and even video, into a text method of storing binaries as one single web-archive. https://www.google.ca/search?sclient=tablet-gws&num=20&newwindow=1&q=mht+and+uuencode
Sent from my SM-P900 using Tapatalk
-
"there is no "hover" capability in clients"
In AquaMail, you can long press a link and get a popup menu (with actions like View... Copy...) and the URL will be there in the menu's caption. It might be clipped if it's a long one, and could be improved,
"it is actually possible to embed executables, and scripts in-line as well" ... "they can waltze right through the filters in some Android email clients"
AquaMail passes EmailPrivacyTester.com with a "perfect" score.
Don't know if it covers all the cases you've mentioned, but it's fairly comprehensive, and if you'd like to provide more tests (sample messages), I'll be happy to take a look.
"Plaintext is actually a separate section of the same message, and some messages have both, some only one"
Yes, I have heard about multipart/alternative :)
"Most email clients generate both parts when the message is sent, but it is posoble to have different content in each part, as marketing emails often have"
Yes, I'm aware of this too.
Generating both parts in-sync is the sending app's responsibility.
Sometimes they mess up.
Counter-example: the standard Mail app built into Windows 10 (yep, I've already upgraded), when you reply to an HTML message, only puts the new text (actual response) into the HTML part and sends the plain text part back unchanged. LOL.
But let's get back to the issue at hand:
- LinkedIn sends these messages with the idea that their recipients will then "do something" with what's in those messages.
- The messages have text/html and most if not all today's mail apps will display this text/html part and not the text/plain part.
Putting these together:
- LinkedIn sends messages that users are supposed to interact with, and at the same time not really set up for that (the expected interaction).
Does that pretty much sum it up?
Isn't this something that LinkedIn should be concerned about?
And whatever shortcomings there are, once they're fixed / improved, will benefit all LinkedIn's users, whatever mail app they happen to be using?
Shouldn't LinkedIn worry about the fitness / design / usability of the messages *they* send as part of *their* business, not me?
Don't they have a Design Department, with decorated UX Experts, don't they do A/B tests, and all the other things I can't even begin to imagine?
-
"there is no "hover" capability in clients"
In AquaMail, you can long press a link and get a popup menu (with actions like View... Copy...) and the URL will be there in the menu's caption. It might be clipped if it's a long one, and could be improved,
"it is actually possible to embed executables, and scripts in-line as well" ... "they can waltze right through the filters in some Android email clients"
AquaMail passes EmailPrivacyTester.com with a "perfect" score.
Don't know if it covers all the cases you've mentioned, but it's fairly comprehensive, and if you'd like to provide more tests (sample messages), I'll be happy to take a look.
"Plaintext is actually a separate section of the same message, and some messages have both, some only one"
Yes, I have heard about multipart/alternative :)
"Most email clients generate both parts when the message is sent, but it is posoble to have different content in each part, as marketing emails often have"
Yes, I'm aware of this too.
Generating both parts in-sync is the sending app's responsibility.
Sometimes they mess up.
Counter-example: the standard Mail app built into Windows 10 (yep, I've already upgraded), when you reply to an HTML message, only puts the new text (actual response) into the HTML part and sends the plain text part back unchanged. LOL.
But let's get back to the issue at hand:
- LinkedIn sends these messages with the idea that their recipients will then "do something" with what's in those messages.
- The messages have text/html and most if not all today's mail apps will display this text/html part and not the text/plain part.
Putting these together:
- LinkedIn sends messages that users are supposed to interact with, and at the same time not really set up for that (the expected interaction).
Does that pretty much sum it up?
Isn't this something that LinkedIn should be concerned about?
And whatever shortcomings there are, once they're fixed / improved, will benefit all LinkedIn's users, whatever mail app they happen to be using?
Shouldn't LinkedIn worry about the fitness / design / usability of the messages *they* send as part of *their* business, not me?
Don't they have a Design Department, with decorated UX Experts, don't they do A/B tests, and all the other things I can't even begin to imagine?
Yes, they should, but as in most aspects of life, the people who are not aware, are unaware, they are not aware. https://en.m.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
Just as you describe the broken returned message in Windows 10 email client, most people just don't know, that they don't know, what they are doing, and that is because people constantly try to reinvent the wheel, instead of learning or building upon past mistakes. This is sadly the status quo here in Western society now. The blind, leading the blind. This why we have so many secuity incidents and breaches, because no one reads and builds upon older systems, they just rush off and try to recreate without any real experience.
I tried the long press, but it is a risk in case the press is not long enough, and only once is enough to infect and wipe out a device, or fall victim to malware. Also, people are not going to do that, they see what looks like a legitimate message and they tap without thinking. Android is ages behind a PC GUI for security and user feedback. How many times do we open an app, only to have no help, and no idea what an icon does, this is unacceptable for a any GUI. All icons should have the text backup view, or hover text, or tool tips. Why is android specifically designed to have people need to randomly click to find out what is going to happen? All icons need some text hover or alt-text explanation, just like accessibility demands for images on a properly designed website. Malware is going to have no trouble fooling people to do bad things, as people are being trained to click first then try to fix the mess after with Android. It is like most devs have learned nothing from the mistakes learned from 20 years of PC use. Imagine if no knobs or switches were labeled or indexed in a power station, or a piece of heavy machinery?
Sent from my SM-P900 using Tapatalk
-
I should probably give you some screen shots to illustrate the problem, with all parts, missing parts, and obfuscated URLs.
Sent from my SM-P900 using Tapatalk
-
<...>
I tried the long press, but it is a risk in case the press is not long enough, and only once is enough to infect and wipe out a device, or fall victim to malware. Also, people are not going to do that, they see what looks like a legitimate message and they tap without thinking. Android is ages behind a PC GUI for security and user feedback. How many times do we open an app, only to have no help, and no idea what an icon does, this is unacceptable for a any GUI. All icons should have the text backup view, or hover text, or tool tips. Why is android specifically designed to have people need to randomly click to find out what is going to happen? All icons need some text hover or alt-text explanation, just like accessibility demands for images on a properly designed website. Malware is going to have no trouble fooling people to do bad things, as people are being trained to click first then try to fix the mess after with Android. It is like most devs have learned nothing from the mistakes learned from 20 years of PC use. Imagine if no knobs or switches were labeled or indexed in a power station, or a piece of heavy machinery?
Sent from my SM-P900 using Tapatalk
While I agree with you that Android design in general is far from secure, I'd disagree that everything has to be dumbed down and labeled. (It is actually the feature of the Western society to expect everything dumbed down.) Or rather, I thing that there should be some optimum balance.
[ Philosophical exercise ]
When you come to a stylish bathroom (in a house or hotel), and the vanity or shower faucets are not labeled with red and blue (*). How do you know that the left one is usually hot and the right one is cold (at least in the US/Canada)? And one can argue that it is dangerous to just try it, as you can get scalded.
And I am talking just about old-fashioned 2-valve faucets, while there is a large variety of other devices, where you are supposed to turn, lift, twist, push etc. handles and buttons. Several years ago, I observed how a guest from Europe, an experienced mechanical engineer with a college degree, had a problem turning on the water in one of the public restrooms. And that was after he spent a couple of weeks in the North America, and mastered up a variety of faucets. The secret was simple: the water was activated by a foot pedal below the sink. Who would have thought?!
Yet another example, - look, I am sure you are using TV/DVD/BR/CD/TiVo... remotes. You know that "|>" pictogram means to play, "||" is to pause, "[]" to stop, "<<" and ">>" mean to rewind/advance, etc. How did you figure it out in the first place? There are no pop-up text hints around those buttons. By pressing the buttons!
And it is quite possible that your parents might have stopped you when you tried to push random buttons as a kid. But when you did, - nothing dangerous has happened. That's how most appliances should be made. So, in some sense, a phone should be designed pretty much like that.. Except that now a phone is not a phone, but a computer with an app for making phone calls.
In principle, computers should've been done the same way (and that's what e.g. Apple has done several times, building their success on it- with their Macintosh, iPod, iPhone, -making their best that those would be akin simple appliances, where you can safely experiment with the buttons, scroll wheels, etc.).
But there are two factors:
1. With the popularization and spread of the Internet, the world is no longer disconnected, and all connected devices (including all appliances, including a fridge, car, medical equipment) should be built differently.
2. But somewhere along the way of developing personal computers and software for them (and in part thanks to the fast cycle of development), on one hand it became acceptable that the software can be released and sold undertested. On another hand, for most people (that includes users, but I am talking about developers first) the security paradigm has never caught up. And I am not even talking about privacy - that part has been "sold" in North America (US, Canada, and beyond) and at least Western Europe long time ago.
(For the record, no, I am not hinting at Kostya or Aquamail, - he is much more aware of security and privacy issues than most software developers, even those who work for industries and products where those things are very important.)
[ /Philosophical exercise with examples ]
Now, the "accessibility" features of the websites that are required by the ADA in the US and some CCD and provincial acts (such as ODA) in Canada are not security features. (Since you have some expertise in computer security, I am surprised that you mentioned those features in relation to security.) As you probably know, all the "hover-over" and "img alt" text represent just what was coded there, which might not be the actual link.
-----
(*) Curiously enough, the assumption that red is hot and blue is cold is not universal. f you were to talk to astronomers, they'd tell you that blue for cold and red for hot is wrong, and that blue stars are much hotter than the red ones.
-
... Android is ages behind a PC GUI for security and user feedback. How many times do we open an app, only to have no help, and no idea what an icon does, this is unacceptable for a any GUI. All icons should have the text backup view, or hover text, or tool tips. Why is android specifically designed to have people need to randomly click to find out what is going to happen? All icons need some text hover or alt-text explanation, just like accessibility demands for images on a properly designed website.
...
In AquaMail, you can long press an action icon (e. g. in message view) and get a popup menu with text explanation.
This helpful "feature" works also in Message list view and Account list view...
-
... Android is ages behind a PC GUI for security and user feedback. How many times do we open an app, only to have no help, and no idea what an icon does, this is unacceptable for a any GUI. All icons should have the text backup view, or hover text, or tool tips. Why is android specifically designed to have people need to randomly click to find out what is going to happen? All icons need some text hover or alt-text explanation, just like accessibility demands for images on a properly designed website.
...
In AquaMail, you can long press an action icon (e. g. in message view) and get a popup menu with text explanation.
This helpful "feature" works also in Message list view and Account list view...
This is a good start, but this is not consistent for the entire Android UI. Sometimes, a long press on something, invokes yet another previously unknown action, without any warning, or choice. Because of this, I am not going to randomly long-press on GUI elements, as I have already lost data and invoked unknown actions doing that in other apps elsewhere in the OS (real OS? NOT SURE)
AquaMail is probably one of the most advanced and complete pieces of Android software I have found anywhere to date which is why I purchased it. I just find the overall Android touch interface lacking in many aspects, unless one has a dizitizer enabled mobile device, because of the lack of warnings, explanations, and hover text on most OS-wide UI elements.
I felt the same way about Windows 8 (metro appps), which just felt like an alpha OS to me. Android is not quite as bad, and hopefully it improves, before rampant security breaches, data loss, and identity theft occur.
My hat is off to the AqueMail developer for trying to do his best to improve and secure the entire mobile user experience!
Sent from my SM-P900 using Tapatalk
-
Unfortunately, all it takes for a serious data breach or devastating crypto-virus infection crawling the entire company network, is one simple tap, or click by a less savvy user somewhere in an email message. Security is paramount in any device, and it seems that the entire Android UI should use standard icon themes, with a reference or provide some aspect of warnings and prompts before anything happens.
Sent from my SM-P900 using Tapatalk
-
"In AquaMail, you can long press an action icon (e. g. in message view) and get a popup menu with text explanation. "
Which shouldn't surprise anyone, since it's a standard Android feature.
Yes, I can agree that its' less useful than a mouse hover, and much less well-known, and besides...
... I fully agree that the recent Android UI trend towards "what the hell am I looking at and how do I discover what it does... maybe nothing at all" is crazy.
But that's Mr. Sundar Pichai's problem to worry about (or maybe Mr. Matias Duarte's), and I have absolutely no way to influence them.
-
"In AquaMail, you can long press an action icon (e. g. in message view) and get a popup menu with text explanation. "
Which shouldn't surprise anyone, since it's a standard Android feature.
Yes, I can agree that its' less useful than a mouse hover, and much less well-known, and besides...
... I fully agree that the recent Android UI trend towards "what the hell am I looking at and how do I discover what it does... maybe nothing at all" is crazy.
But that's Mr. Sundar Pichai's problem to worry about (or maybe Mr. Matias Duarte's), and I have absolutely no way to influence them.
Thank you Kostya, I have already discovered this feature.
I do have still a question how I may view the text part of an a mail message, or if that feature could be added.
Sent from my SM-P900 using Tapatalk
-
In theory, it could be added.
In practice, I've got lots -- lots -- of other work to do, and don't see your suggestion having a broad enough appeal.
And since this originally came up in the context of LinkedIn messages, let me just try to summarize my view:
Almost every day I'm asked to deal with something that should be someone else's job (some other company, I mean, at providing *their* services). But -- surprise -- I've got my own work to do.
Maybe I'm *too* each to reach via this forum and email, but, hey, maybe those "reputable transnational corporations" could be doing a better job with support too, why aren't they?
-
Yes, "view source" is not the same as "prefer the plain text part".
However...
Mail apps always (or almost always) give priority to HTML content when both are available (except, I suppose, "mutt", "pine", and others of that type... which I don't have any experience with).
Web mail systems do that too.
So with that in mind, if these messages have defective HTML content, then what does whatever service is sending these (Linkedin?) expect their users to do?
Do they expect everyone to discover "view message source" in whatever mail app they're using? If it's there at all?
How do they expect anyone to even know that something is missing?
To me, that's something that should be fixed in the messages, on the sending side, esp. if this is some sort of automated system.
I was an early adopter of email, before even browsers were invented. So on a pc i normally view the text/plain part by default. Also I like to send plain text too. OK, call me odd!
Wherever I can, I view emails only in plain text to this day. A few months ago I received one that Thunderbird showed correctly as plain text, the html part was present but empty, and I could not read it at all via Aqua Mail.
A few years ago advice was that an email with an html part but no plain text part was most probably spam. I guess this may no longer be the case.
-
"A few months ago I received one that Thunderbird showed correctly as plain text, the html part was present but empty"
The other way around happens too, and fairly often:
"Promotional" or in general, automatically generated messages, because the people responsible (broadly speaking) can't ever get it right, even with all the available libraries. Things like inline images marked as attachments, HTML tags in text/plain, anything really...
I'm not a big fan of excessive formatting myself...
-
Beaky,
This is the trouble I have with mail, especially newsletters. Some newsletters show only shortened versions in the html part, but the full content in text. Also flyers, have a similar issue only showing thumbs in html, but full product descriptions and info in text. This is why I use Thunderbird as a desktop client. I can view both parts stacked one over the other, allowing viewing of all the content, and to verify link destinations.
Sent from my SM-P900 using Tapatalk
-
"A few months ago I received one that Thunderbird showed correctly as plain text, the html part was present but empty"
The other way around happens too, and fairly often:
"Promotional" or in general, automatically generated messages, because the people responsible (broadly speaking) can't ever get it right, even with all the available libraries. Things like inline images marked as attachments, HTML tags in text/plain, anything really...
I'm not a big fan of excessive formatting myself...
Yes, I have received those also. Those are usually hand written messages, or generated forms from a script, or server module. But, in those cases, you have a bank text part, and only content in html part. Some smartphones, expecially the older ones, can only view text mail, so this lack of competence on the part of the email creator, creates a problem.
Viewing both parts, stacked one above the other, would fix this problem and once again set the bar for email mobile clients, which AquaMail has done a few times already.
Sent from my SM-P900 using Tapatalk
-
It is perfectly normal to show inline images as attachments, because well, they are! They are still attachments, just convereted into uuencode and embedded into the body of the message, like MHT archives. When you view as HTML, they show as either images, attachments, or both. When you view as text, they must always show as attachments, since a text only view cannot display any images. But they ARE in fact attachments, no matter how they are handled. You can embed ANY filetype as in-line, that is how newsreaders work!
Very old modems, used to send ALL THE DATA as uuencode, even large binaries downloaded from a website. BBS boards did the same. some of the first viriuses were embedded this way. You can even embed one mine type, inside another this way. In fact, that is how old MS Office embeded images inside documents. Another method is OLE, but OLE does not work very will across domains, as it requires an "image server" CLSID and the software to be present on both the sending and receiving system, and the files in the same relative path locations. But it is still used on some software.
Sent from my SM-P900 using Tapatalk
-
I have a related issue, apparent (partially) on an email received today.
In the left pane, where the message subject appears and then a line from the body of the email, as a brief extract, it shows words not in the html part (right pane). An example today says (as an extract from the body)
"Single Column Responsive Email Template", followed by the first few words that are in the html: "can't view images?...."
The content type is multipart/alternative.
Now in this case I can imagine the "single column responsive email template" part may be buried somewhere in the html, but just not meant to be rendered.
I have seen instances (though rather rare — I cannot now find one) where the one line extract seems entirely unrelated and almost could be designed to deceive. This could be a risk if what is being shown is text that does not appear in the rendered html, but is somehow hidden with deliberate intent to deceive by exploiting the behaviour of email clients.
As the subject line alone does not always suggest what the email is about, but subject line plus the first few words usually does do this, I was wondering if the one line extract always comes from the same "part" as the rest of the message (that is, either the text/plain or the html part)
Related to this, perhaps, the extract is also sometimes entirely blank, where the message is not.
All this is tiny tiny tiny detail, so do not divert from the main task! Still enjoying aqua mail.
-
I have a related issue, apparent (partially) on an email received today.
In the left pane, where the message subject appears and then a line from the body of the email, as a brief extract, it shows words not in the html part (right pane). An example today says (as an extract from the body)
"Single Column Responsive Email Template", followed by the first few words that are in the html: "can't view images?...."
The content type is multipart/alternative.
Now in this case I can imagine the "single column responsive email template" part may be buried somewhere in the html, but just not meant to be rendered.
I have seen instances (though rather rare — I cannot now find one) where the one line extract seems entirely unrelated and almost could be designed to deceive. This could be a risk if what is being shown is text that does not appear in the rendered html, but is somehow hidden with deliberate intent to deceive by exploiting the behaviour of email clients.
As the subject line alone does not always suggest what the email is about, but subject line plus the first few words usually does do this, I was wondering if the one line extract always comes from the same "part" as the rest of the message (that is, either the text/plain or the html part)
Related to this, perhaps, the extract is also sometimes entirely blank, where the message is not.
All this is tiny tiny tiny detail, so do not divert from the main task! Still enjoying aqua mail.
Sorry, tapatalk will not let me quote only the relevant part of your message I wished to respond too... another limited Android app.
Anyhow, I wished to coment about how you felt someone could use the multipart to deceive, or confuse. Yes, and no. Anything you cannot see, unless it is embedded binaries, is irrelevant as far as security is concerned. The security issues arise with malformed URLS and embedded scripts or binaries. Missing message data, is just very annoying if there is no means to view it. And it renders the message effectively, undelivered... Think of it as receiving an envelope at home that you cannot open!
It is perfectly normal to show inline images as attachments, because well, they are! They are still attachments, just convereted into uuencode and embedded into the body of the message, like MHT archives. When you view as HTML, they show as either images, attachments, or both. When you view as text, they must always show as attachments, since a text only view cannot display any images. But they ARE in fact attachments, no matter how they are handled. You can embed ANY filetype as in-line, that is how newsreaders work!
Very old modems, used to send ALL THE DATA as uuencode, even large binaries downloaded from a website. BBS boards did the same. some of the first viriuses were embedded this way. You can even embed one mine type, inside another this way. In fact, that is how old MS Office embeded images inside documents. Another method is OLE, but OLE does not work very will across domains, as it requires an "image server" CLSID and the software to be present on both the sending and receiving system, and the files in the same relative path locations. But it is still used on some software.
Sent from my SM-P900 using Tapatalk
Sent from my SM-P900 using Tapatalk
-
Sorry, tapatalk will not let me quote only the relevant part of your message I wished to respond too... another limited Android app.
On yes you can! need to tap on the pen icon next to the quote, but then you sometimes have to do some hand coding of the quote tags.
Anyhow, I wished to coment about how you felt someone could use the multipart to deceive, or confuse. Yes, and no. Anything you cannot see, unless it is embedded binaries, is irrelevant as far as security is concerned. The security issues arise with malformed URLS and embedded scripts or binaries. Missing message data, is just very annoying if there is no means to view it. And it renders the message effectively, undelivered... Think of it as receiving an envelope at home that you cannot open!
I had in mind "social engineering" rather than security in the sense of risks from embedded code, but fair comment.
-
I had in mind "social engineering" rather than security in the sense of risks from embedded code, but fair comment.
Thank you for the hand coding tip!
Yes, social engineering is, and will always remain, the easiest point of entry into a system. Because most people are not trained or experienced to thwart this method of attack.
Sent from my SM-P900 using Tapatalk
-
Is there any chance of a text view option being added to AquaMail for HTML messages in the future? I am still unable to view some messages properly because the HTML part and the plaintext part are completely different.
Sent from my SM-P900 using Tapatalk