Tools & Traps
Attachment Blocking, Not Filtering
Windows Mail will block all attachments with certain extensions, such as .exe, .vb, .prg, and so on. There is no way to allow a friend to send an attachment with such an extension and have it pass all blocking checks when this is enabled. However, you can disable the feature and then reenable it after you receive the attachment. The other option, as is often the workaround, is to Zip the file prior to receipt.
Despite the similar function of Internet Explorer zone integration, automatic downloading and display of images and other HTML content is managed separately and is enabled by default. Right-clicking a message with such content and choosing to display images is all that is required, unless a user chooses to change the setting here. This setting is a continuation of the security that was originally lacking in Outlook Express and that created enormous vulnerabilities.
Although not enabled by default, a number of options for further securing the transport of mail are available. Under the Secure Mail section, any Vista user now has the ability to use certificates for authentication and to encrypt messages during transfer. The bottom two checkboxes detail these options, but the top two options for Digital IDs (certificates) are what wed like to focus on for a moment.
If you choose the Get Digital IDs option, Windows Mail opens an Internet Explorer page at the Microsoft Office Web site that details various sources for obtaining digital certificates. These are not provided for free; rather, Microsoft provides the less savvy user a directory of providers.
Tools & Traps
Although Microsoft will kindly guide you to a site where you can obtain additional certificates, most Vista clients will have a plethora of certificates already installed on the machine. You can view these from within Windows Mail by selecting the Trusted Root certificates tab in the Certificate Import Wizard. Figure 8.7 shows this window as it is seen by default during an import, but selecting any of the other tabs will reveal a whole world of digital authenticity already built into Windows Vista and available to Windows Mail.
Once you have a digital certificate, you can import it into Windows Mail via the following steps:
1. Within Windows Mail, navigate to Tools | Options.
2. Choose the Security tab.
3. In the bottom section of the Security page (refer to Figure 8.6), find the section labeled Secure Mail and select the button for Digital IDs.
4. The next window is labeled Certificates. Here there are six tabs for organizing and displaying the type of digital certificates already installed and available. To continue importing a new certificate, click Import.