Are .eml attachments a security risk?

email security microsoft-outlook attachments
14,058

Solution 1

What are the current risk of mails with .eml attachments ?

Risks described in this post are still the risks with mails with .eml attachments because of old IFrame exploits, MIME exploits and viruses like Nimda

In some email clients, such as Microsoft Outlook, .eml files can trigger active scripting that can be used to launch virus activity. Furthermore, other executable file types can be wrapped in .eml files in order to bypass other virus checking scans. Therefore, many ISPs and email servers block the .eml file type.

Is blocking by email service provider still relevant ?

This is debatable topic.

But if service provider wants to take the ownership of filtering emails for you, they must provide you with a quarantine zone where you can check what emails are blocked and if you want them to be delivered or not

Solution 2

The Nimda virus is known to create EML files. When EML files are found as an included attachment it is good practice to scan with anti virus before opening.

Share:
14,058

Related videos on Youtube

EquipDev
Author by

EquipDev

Updated on September 18, 2022

Comments

  • EquipDev
    EquipDev over 1 year

    My email service provider blocks mails with attached .eml files, apparently for security reasons, with the result that I loose relevant mails.

    I have tried to find a description of the current security risk of forwarding mails with .eml files attached, but I could only find posts about 10 years old about vulnerability in Outlook.

    What are the current risk of mails with .eml attachments, and is blocking by an email service provided still relevant ?

    • Johannes Tue
      Johannes Tue about 8 years
      I would contact that service provider and say them that it's not their business to block any email.
    • EquipDev
      EquipDev about 8 years
      I tried that, but they said that filtering in general helps a lot for their other users, and that the filtering is server wide, so now I try to figure out if this filter is actually required, or I can go back to them and say that they can remove it...
    • Moab
      Moab about 8 years
      They should be able to remove attachment filtering on your account only, if they say they cannot try another email provider.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How to get outlook email attachment onto a file server?
keyboard shortcut to send a file as mail attachment
Prevent Nail from attaching my message as a .bin file?
Strip attachments from emails to disk but leave a link in the email to the attachment
Integrate GnuPG with Outlook
I am unable to generate a gpg key through the keyring program
How to make my server email me when there are security updates?
Access Prompt keeps asking for GMail password
how do i prevent outlook to keep re sending this email
How to trace an actual IP of email sender?