Fixing Windows 98 insecurities

1 - Safe use of HTML format

The following is based solely on my own experience with Windows 98. Use the links in the navigation bar for more detailed help and for other versions of Windows.

Outlook Express

The single largest problem with email security lies in the use of HTML format messages. Even if you do not feel confident in making the security changes required to stop OE infecting you, it is very easy to stop infected HTML messages infecting others. This will stop you from being blamed and prevent the enormous embarrassment of having to write to everyone in your address book apologising for putting them at risk.

In the following diagrams, Outlook Express 5 screens are on the left in light blue, Outlook Express 4 are on the right or below, in light grey. Go to Tools on the main menu.


Click Options.

Tools menuTools menu

In the dialog box click on the Send tab.

Options dialogOptions dialog

If there is a tick next to "Reply to messages in the format in which they were sent" click on the tick to remove it. Now change the Mail Sending Format to Plain Text instead of HTML

Send optionsSend options

Click OK.

Now when you send an email, OE will use plain text. Also, when you reply to or forward an HTML format email, OE will first convert it into plain text. This removes any hidden code that may lie in the HTML code. This simple change is enough to stop someone tracking an email as it is forwarded through a group of friends or employees through a technique now known as email wiretapping which cannot work without hidden HTML code. It is also sufficient to prevent all emails which are infected with worms like ILOVEYOU and KAK from spreading to people listed in your Windows Address Book.

Sending and replying in HTML format safely

You can still use and receive HTML format messages. To send a new message in HTML format or to reply in HTML format, click New Mail or Reply as appropriate

New mail or reply

and let OE start the reply in plain text mode. Click Format on the menu bar of the message.


Now change this specific message from Plain Text to HTML format by clicking on Rich Text (HTML).


Now you have an HTML format email with no risk of using infected, hidden, code that the person who sent you the message may never even have known existed inside it.