On Tue, Jun 17, 2014 at 11:51 AM, John C Klensin <john-ietf@xxxxxxx> wrote: > The things that I think have security (or significant > operational) impacts include tracking beacons embedded in > messages to tell the sender (at least) when or if they were read > (privacy problem), embedded large images or text that is > automagically downloaded when the message is opened or earlier > (potential DoS attack), embedded malware and scripts of multiple > flavors even if not intentionally hostile, and so on. Yes, there are many traps for the average user on a MUA that tries very hard to look spiffy. I like mutt ... but an alternative is to use a GUI MUA that where you can keep its behavior conservative. Thunderbird is not bad at that.