Security for Everyone

E-mail Best Practices

If you need assistance implementing these steps, please contact the ITU Support Center at (703) 993-8870.

There is a list of directions to turn off HTML e-mail on almost any e-mail program at: http://www.expita.com/nomime.html. If your e-mail program is not listed below, check there for instructions. Programs are listed in alphabetical order under the "Suggestions for HTML users" link.

How? (Instructions from Expita.com)
Netscape 7.1:
1. Start Mail & Newsgroups.
2. Click "Edit."
3. Select "Mail & Newsgroups Account Settings."
4. Uncheck the box in front of "Compose Messages in HTML Format." ( As an alternative, you can select "View Settings for this Account" under "Accounts" after starting Mail & Newsgroups.)
5. Click OK.
Outlook XP:
1. With a message open, on the menu bar select "Format."
2. From the "Format" menu, select the format you want to change the message to. The menu list offers three choices. (Plain Text, Microsoft Rich Text, and HTML.) Select "Plain Text."
3. If you use Microsoft Word as your e-mail editor, these options may not be available.
Mac OS X Mail:
1. Launch Mail.
2. From Mail menu, choose Preferences.
3. Click "Viewing" icon.
4. Deselect the "Display Images and embedded objects in HTML messages" option.
Hotmail:
1. Click on "Compose tab", address the message and fill in the "Subject" line.
2. Before composing the message, click on "Tools" (next to "Copy message to sent folder").
3. Click on "Rich-text editor OFF" to turn HTML email off.
4. If you receive a pop up message "Are you sure you want to do this?" Click "OK" and wait for text formatting tools to disappear.
5. NOTE: If you are using Netscape, then you will NOT be given the the choice to turn ON/OFF RTF formatting. Messages will be sent in plain text format.
GMail:
1. Directly under the Gmail logo, click the "Compose Mail" link.
2. At the new message, look at the line just above the composing text box. If there is a link that reads "Rich Formatting>>" you are already using plain text format. If it has a line of formatting icons, and then a link that says "<<Plain Text", click the "<<Plain Text" link to use non-HTML e-mail.
Yahoo!:
1. Select "Mail Options" from right-hand side of main toolbar.
2. From "Mail Options" screen select "Signature."
3. If using Internet Explorer, next to "Editor" select "Plain."
4. If using Netscape or other browser, next to "This signature is:" select the "plain text" bullet.
5. Click Save button.
When Replying or Forwarding, edit the previous text and remove all footer material before adding your new text.

If using Internet Explorer (not available in Netscape and other browsers) when in the "Compose" window, make sure "Plain" is selected rather than "Color and Graphics". These two choices are a toggle switch. Clicking on one activates it and turns off the other.

In any browser, also make sure the "Allow HTML tags" checkbox at the bottom is NOT checked.

Why? HTML e-mail is not plain text, it is a format that may contain a mini-program. You get dozens emails daily. Every time you read an HTML email message - you could be getting a mini-program that is potentially malicious.

Previous Step | Next Step

Steps to take for Windows Users
Steps to take for Mac Users
Security tips for all users:
	Activate a Password Protected Screensaver
	Use Strong Passwords for All of Your Accounts
	Automatically Receive Critical Updates
	Verify Antivirus Software is Configured Properly
	Use Anti-Spyware Software
	Use Unique Passwords for all User Accounts
	Back Up Files As Needed
	Never Open Suspicious E-mails or Attachments
	Use SSL or https for Online Transactions
	Reformat Hard Drive if Owner Changes
	Use Secure Shell for Transferring Files
	E-mail Best Practices
FOR WINDOWS USERS ONLY:
	Use Windows XP Prof. or Vista
	Browse Safely

Security for Everyone

E-mail Best Practices

Steps to Secure Internal Use Only Data: