The Anti-Outlook Page Note: The original Anti-Outlook page appears to be off-line. Here's a cached copy without the screenshots... Over the years I have grown to dislike the Microsoft Outlook program, as have many others. This page is dedicated to things that show just how crap the product is. * [1]The Friendly Outlook Exploit * [2]The not for your eyes exploit * [3]The "It does not spread every viris" humour * [4]Microsoft see the light * [5]Seen on the net The Friendly Outlook® Exploit Do you want to send a special message to all those people who use Outlook as their mail client? If so just set the "X-message-flag:" header to any text you like and it will appear in their mail headers, nicely highlighted for them. Below is what it looks like in their Inbox. The message is marked with a flag (where the highlighted red circle is), because its special and needs their urgent attention. Here is how your message will appear when they view it, see how the X-message-flag: text is formated in the mail header. (Note the red highlight has been added to indicate where you message is displayed) So what might you want to put in for our Outlook friends? Here are some ideas : * Get yourself a real mail client! http://www.washington.edu/pine/ * Get yourself a real email client. http://www.mutt.org/ * Outlook : A program to spread viri, but it can do mail too. * Outlook : It's a PIM, that's Poorly Implemented Mailer! * Outlook? Viral infections & bugs for the foreseable future. [from [6]Craige McWhirter] * Linux : The choice of a GNU generationi. [from [7]Craige McWhirter] So what do you have to loose! All the enightened people are not going to see it, and you will be doing all those Outlook users a favour given them a nice reminder every time they read your messages! Extra Details I came accross this "feature" when I moved over to Pine from Communicator to do all my mail reading. I occasionally look at the headers of email to see what type of client people use and other goodies. I saw a cool header in a mailing list which was X-Accepted-File-Formats: ASCII .rtf .ps - *NO* MS Office files please. Thinking that was cool I added the same header into all my outgoing mails. Whilst I was there I decided to add a header X-message: What did you expect to see here? as bit of a joke, thinking that if people were to examine the mail headers on messages I send, they might get a laugh. However after doing this I had a few people who use corporate email systems based on Exchange and Outlook what this weird message was showing up at the top of emails from me. Once I saw that something weird was happening with this particular header I tried to track down how it was doing this. After doing lots of tests and trials I worked out that if you used a header of X-message: then Exchange would show it as a flagged message and display what ever text you put in the mail header with a different coloured background. When flagging messags in Outlook you can not normally add your own text, just a select few such as "Follow Up", "Information", etc. However this technique did not work for Outlook if you were not going through an Exhange server, but rather using POP. Then I stumbled on the X-message-flag: which works in Outlook no matter how you get the message in there, Exchange or POP. If anyone finds out any more details of friendly exploit for Outlook or more details on this please send me a mail. For the record this exploit was first [8]announced to the SLUG list on 25th of July 2000. Another header you can use is the Reply-By: . Setthing this with the correct date format such as Reply-By: Tue, 24 Jul 2000 19:02:00 +1000 causes all the text for the message in the Inbox to be red. This really makes your message stick out even more. I have heard that once the date passes Outlook will popup a reminder, but I am yet to verify this myself. Is this really an exploit? No its not really an unintended exploit. It is valid for mail clients to use special header types for their own internal stuff. As long as the header starts with X- which means its an extension then its valid, some RFC's mention this such as [9]822, [10]1154 and [11]1341. Its just that Outlook does not really let you use headers properly, you can't filter or add your own. So if they are happy to create the extension then we might as well use it to our advantage. Update [12]Matthew Brealey reports that if your message is longer than 100 characters Outlook will not even be able to open the message. However the bug has been fixed in Outlook 2k. Another exploit using "begin" Well Jeff Waugh <[13]jdub@slug.org.au> from [14]SLUG has found another exploit. I will let him explain. I've found another way to fool Outlook and Outlook Express into misbehaving, making your emails unreadable. A fun way to do this is by automatically getting your replies to 'break' the MUA. So, over the last week or so, I've set mutt up like this: set attribution = "begin %n quotation:\n" Any reply will start with, for instance, "begin Rodos quotation:" making the MS products show a "quotation.dat" file as an attachment, and no text within the email. Why the two spaces? Because that's important. :) The MS products interpret anything after the word "begin" (at the start of a new line) with two trailing spaces, as an attachment. There's no way that could *possibly* happen out in the wild, is there? ;) Strong stuff, MS. Supposedly, if you do this *anywhere* within the body, begin gotcha. the MS products will regard the rest as an attachment. It's not even restricted to a specific point in the email (say the first line). One wonders why MS couldn't restrict their toying to the headers, instead of trampling all over the body... It works great. I tried it out and if you put the "begin " in the first line you just get a blank mail. In fact you can place it on any line of the email, as long as there is no space between the start of the line and the begin. You can put normal text at the top of your message and then text for just the non Outlook users after a begin. It shows an attachment but as their is no end there is no file! Very cool. An example of what it will look like to an Outlook user is below. So go forth and update those mailer configs. Pine users set your Reply-Leadin and as Jeff mentioned in my set the attribution. Update : Looks like this first surfaced on January 3rd 2000 when Bruce Sterling sent out an anouncement entitled "The Manifesto of January 3, 2000". In the text there was a line that started with begin and then two spaces. Subscriber Laura Stinson then noticed that you could not read the message in certain versions of outlook. Here is a reference to the [15]earlyist source I could find. From there is started to spread around mailing lists. Thanks to [16]Nick Moffitt for pointing this out. Funny This one appeared on my Sydney Linux Users Group mailing list. Its a satirical writeup of "FOOT-AND-MOUTH BELIEVED TO BE FIRST VIRUS UNABLE TO SPREAD THROUGH MICROSOFT OUTLOOK Researchers Shocked to Finally Find Virus That Email App Doesn't Like". Well worth a read! [17]http://www.satirewire.com/news/0103/outlook.shtml Microsoft see the light [18]Jeff Waugh brought to my attention that even Microsoft realise that their product is not all its cracked up to be. He found this link, [19]http://www.microsoft.com/mac/products/office/2001/virus_alert.asp where Microsoft describe how they get around the hideous virus problem that they have allowed on the PC in their email product. Here is what they do Outlook 2001 is not programmable, so there is no object model for hackers to abuse. In addition, HTML scripts and Active X controls are not supported directly in Outlook 2001 on the Macintosh. The Exchange 2000 Server first processes incoming HTML mail from the Web, and for Mac users mail is stripped of Active X controls, and any potentially malicious script. The result is a clean Rich Text Format (.rtf) free from script/viruses (similar to a Word document without macros or VBA). In this way, Outlook 2001 on the Mac can display richly formatted messages, while remaining safe from HTML script-based e-mail viruses. Its a pitty that millions of email users around the world have to use the Windows version that does caused them to remove all this stuff in the first place. But it gets better. Frederic Stark pointed out this great answer on the same page Will the virus impact my Macintosh if I am using a non-Microsoft e-mail program, such as Eudora? If you are using an Macintosh e-mail program that is not from Microsoft, we recommend checking with that particular company. But most likely other e-mail programs like Eudora are not designed to enable virus replication. Seen on the net August 2001 : Yes, this page has made it into Bugzilla [20]http:// bugzilla.mozilla.org/show_bug.cgi?id=56273. Someone requested a feature to be able to add customer headers, one of the reasons was to annoy Outlook users, and this page was cited. Turns out they just made it a [21]duplicate of another more generic request, but thats cool. August 3rd : Another sighting. Some web site [22]www.haddockorg placed an [23]entry in which appeared on their main page for a short time. Got a few hits from that. Maybe its time to revamp the page. [24]Valid HTML 4.0! Edited with Vim © Rodney Haywood 2000 Rodos [25]rodos@haywood.org modified 07-August-2001 Version 1.2 References 1. file://localhost/var/local/gopher/anti_outlook.html#messageflag 2. file://localhost/var/local/gopher/anti_outlook.html#begin 3. file://localhost/var/local/gopher/anti_outlook.html#funny 4. file://localhost/var/local/gopher/anti_outlook.html#mactopia 5. file://localhost/var/local/gopher/anti_outlook.html#seen 6. mailto:craigem@babcockbrown.com 7. mailto:craigem@babcockbrown.com 8. http://www.woa.com.au/lists/slug/2000/200007/msg01503.html 9. http://www.csl.sony.co.jp/cgi-bin/hyperrfc?rfc822.txt 10. http://www.csl.sony.co.jp/cgi-bin/hyperrfc?rfc1154.txt 11. http://www.csl.sony.co.jp/cgi-bin/hyperrfc?rfc1341.txt 12. mailto:webmaster@richinstyle.com 13. mailto:jdub@slug.org.au 14. http://www.slug.org.au/ 15. http://www.viridiandesign.org/notes/101-125/00124.html 16. mailto:nick@zork.net 17. http://www.satirewire.com/news/0103/outlook.shtml 18. mailto:jdub@aphid.net 19. http://www.microsoft.com/mac/products/office/2001/virus_alert.asp 20. http://bugzilla.mozilla.org/show_bug.cgi?id=56273 21. http://bugzilla.mozilla.org/show_bug.cgi?id=16925 22. http://www.haddock.org/ 23. http://www.haddock.org/directory/search/?s=outlook&title=t&url=t&comment=t&d1=2001-08-03&d2=2001-08-03 24. http://validator.w3.org/check?uri=http%3A%2F%2Fwww.rodos.net%2Foutlook;doctype=Inline 25. mailto:rodos@haywood.org .