|
| If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|||||||
|
|
|
Thread Tools | Display Modes |
|
#11
March 1st, 2007, 11:02 PM
posted to microsoft.public.windows.inetexplorer.ie6_outlookexpress
|
|||
|
|||
DBX Folders & Security
On Mar 1, 4:00 am, "Steve Cochran" wrote:
If you are transmitting sensitive banking information, then you should be using encrypted email. steve "racerdog" wrote in message oups.com... On Feb 28, 11:13 am, "Michael Santovec" wrote: I wouldn't be concerned about a trojan finding data in the Deleted Items. It you have a trojan digging through the deleted items, you have worse problems. As for the sending progress bar, OE does a send before receive. On occasion I've seen the send progress bar flash even though I have nothing new in the Outbox. Nothing actually got sent. It seems related the some sequence of events in past sending. It may be that OE is just checking the Outbox to see if there is anything to send. And "empty" DBX file is about 59 KB. If your Outbox.dbx. file is growing beyond that, but you haven't sent anything, what I would do is close OE (without doing a compact), then make a copy of the Outbox.dbx file as Outbox.txt. Then open the Outbox.txt in Notepad. The file has a complicated structure, but you should be able to recognize is there are any suspicious messages in it. -- Mike -http://pages.prodigy.net/michael_santovec/techhelp.htm "racerdog" wrote in message groups.com... On Feb 27, 8:06 pm, "Michael Santovec" wrote: The Deleted Items.DBX file should be growing in size every time you receive junk mail and delete it. That's because the junk mail is copied there when it's deleted. However, the Outbox folder should only grow when you send a message, not receive. Are you running any anti-spam program on your PC? And if so, is it set to send the spam back to the sender or report it to some spam service? That would cause the Outbox to grow. -- Mike -http://pages.prodigy.net/michael_santovec/techhelp.htm "racerdog" wrote in message groups.com... On Feb 26, 11:26 am, "Michael Santovec" wrote: It used to be that if you set the Deleted Items folder to empty on exit (Tools, Options, Maintenance), OE did an automatic compact on it (or maybe it just deleted the Deleted Items.dbx file and created a new empty one). Since the recent update that backs up the DBX files prior to compacting, that no longer happens and you must manually compact the Deleted Items folder. As for the Outbox.dbx, that's for message that you send. It also needs manual compacting periodically. It shouldn't be increasing in size when you receive junk mail, unless either you have an anti-spam program that's set return spam to sender (a bad idea since it only makes matters worse) or you have some virus sending mail without your knowledge. Also see Bruce's reply. -- Mike -http://pages.prodigy.net/michael_santovec/techhelp.htm "racerdog" wrote in message groups.com... Why does OLE create dbx folders with data after receiving junk mail? I have my mail filters set to delete junk mail on arrival as well as emptying the trash folder on exit. However, I'm noticing that the database for the deleted.dbx and the outbox.dbx files are increasing in size after receiving junk mail. Why? Is there a way to configure OLE to stop increasing the size of these two dbx files?- Hide quoted text - - Show quoted text - Compacting does reduce the dbx file sizes. However both the deleted dbx and the outbox dbx files continue to grow in size every time I open OLE and receive junk mail. One thing I've noticed is that if I reload the system (clean install) and restore OLE from backup I immediately start receiving junk mail again. Then I have to go through the process of resetting all my filters etc. Since I use both OL and OLE on the same system I'm wondering if that might be a cause? (although OL uses pst and it seems to work fine - no junk mail problems) What I'd like to know is how to check what's in the dbx files so that when they grow I could open them up and look at them independant of the OLE Client to see what's being exported if anything.- Hide quoted text - - Show quoted text - I reloaded the system platform and removed spam/spyware software to be certain there isn't any interference. The dbx files continue to grow. As a workaround I simply manually delete the two dbx files after closing/compressing OLE. OLE recreates them on the next startup. However, once in a while when I'm rushed doing other work, I sometimes forget to do the cleanup routine. On some of those occasions I noticed a suspect OL function like sending or copying email information to another outside source. Investigation showed the source was a bogus email address but my concern was for the security of the file information at the time. Since I incorporated the workaround dbx cleanup procedure I haven't noticed any further anomalies with OL. But based on the type of data I'm sending through OL it makes perfect sense that an outsider would be interested in using OLE Spam as springboard to gain access to outgoing OL files. If true it's a pretty sophisticated intrusion. (I should probably add that I've intercepted a couple intrusions into a very vulnerable ActionTec Modem firewall. ActionTec has failed to respond to my inquiries about it) I can understand why the deleted folders dbx would grow because of the trash mail being sent to it. (However that raises a security question in my mind. If known code could be extracted from a trash bin by a Trojan for later execution/export of sensitive file information the question arises why save any portion of deleted messages at all? Shouldn't deleted trash be permanently deleted if the client is configured that way?) But I know the outbox shouldn't grow unless I'm sending mail. So my suspicion is that something is loading information into the outbox and sending it using a background resource although I haven't been able to detect the background operation yet. What I'm noticing is that if left alone the OLE Client progress bar displays activity that I think is outgoing mail on launch. (I presume that because the order of operations is send first then receive) I see the little green progress squares at the bottom of the client rapidly progress and then the regular routine of receiving mail begins. That tells me that something is being sent out on launch and I presume it to be data from the outbox to an unknown destination. Is there a way to track it, display it in the sent folder, or discover where the destination is? It makes sense to me because I normally work offline and only come online when transacting business etc. Hence, an intruder would have to use a vicarious operation and wait for me to come online and launch the client to get information. So I guess the best solution at this point would be a dbx eraser at the close of the client. Is there such a thing or would I need to develop that myself?- Hide quoted text - - Show quoted text - The reason I'm concerned and watch for Trojans is because I transfer sensitive Banking and Personal financial information on a regular basis. So there is a high motive to get at my computer. The OE outbox dbx typically grows to about 139k before I delete it. Right now it's at 59k which I know is normal. However, I've seen it as high as 1.9meg and that before I sent out any emails. I'll try the Notepad / text procedure and see what I find. I've done that before but most of it's garbage like you say. But It's been awhile since I've tried it so I'll give that another shot.- Hide quoted text - - Show quoted text - I do use encryption. Here's an interesting development. As I mentioned earlier, (above), I use both OL & OLE. I noticed that Outlook has my personal address book loaded under "Contacts" But I have sub-folders with personal contacts listed there. So I deleted all the contacts from the "Contacts" folder which was fine. However, I noticed that Outlook Express Address book disappeared after I deleted the contacts from the OL "Contacts" folder. That tells me the two are related somehow. I can re-import the personal address book back into OLE but I don't want them to be inserted into OL. But I noticed after awhile they do insert back into OL. So what's up with that? 
|
|
#12
March 2nd, 2007, 12:22 AM
posted to microsoft.public.windows.inetexplorer.ie6_outlookexpress
|
|||
|
|||
|
DBX Folders & Security
racerdog wrote:
major snippage Here's an interesting development. As I mentioned earlier, (above), I use both OL & OLE. I noticed that Outlook has my personal address book loaded under "Contacts" But I have sub-folders with personal contacts listed there. So I deleted all the contacts from the "Contacts" folder which was fine. However, I noticed that Outlook Express Address book disappeared after I deleted the contacts from the OL "Contacts" folder. That tells me the two are related somehow. I can re-import the personal address book back into OLE but I don't want them to be inserted into OL. But I noticed after awhile they do insert back into OL. So what's up with that? Do you have this Registry key?... HKEY_CURRENT_USER \Software \Microsoft \WAB \WAB4 If not, STOP; If so, is there a DWORD named UseOutlook (NB: no space) and is its value set to 1 (one)? If not, STOP; If so, Address Book is configured to share contacts with Outlook, even if you don't use it (can happen with the install of Office). Change the value to 0 (zero), Address Book should be available to you and all should be well. (If that DWORD is not present, don't create it, and don't alter any other DWORD values.) Note that any changes (additions, deletions, edits) made while sharing was enabled will not be available (displayed) in Address Book when sharing is disabled. cf. http://www.insideoe.com/files/wab.htm#share http://support.microsoft.com/?kbid=191946 -- ~Robear Dyer (PA Bear) MS MVP-Windows (IE, OE, Security, Shell/User)
|
|
#13
March 2nd, 2007, 02:21 PM
posted to microsoft.public.windows.inetexplorer.ie6_outlookexpress
|
|||
|
|||
|
DBX Folders & Security
On Mar 1, 4:22 pm, "PA Bear" wrote:
racerdogwrote: major snippage Here's an interesting development. As I mentioned earlier, (above), I use both OL & OLE. I noticed that Outlook has my personal address book loaded under "Contacts" But I have sub-folders with personal contacts listed there. So I deleted all the contacts from the "Contacts" folder which was fine. However, I noticed that Outlook Express Address book disappeared after I deleted the contacts from the OL "Contacts" folder. That tells me the two are related somehow. I can re-import the personal address book back into OLE but I don't want them to be inserted into OL. But I noticed after awhile they do insert back into OL. So what's up with that? Do you have this Registry key?... HKEY_CURRENT_USER \Software \Microsoft \WAB \WAB4 If not, STOP; If so, is there a DWORD named UseOutlook (NB: no space) and is its value set to 1 (one)? If not, STOP; If so, Address Book is configured to share contacts with Outlook, even if you don't use it (can happen with the install of Office). Change the value to 0 (zero), Address Book should be available to you and all should be well. (If that DWORD is not present, don't create it, and don't alter any other DWORD values.) Note that any changes (additions, deletions, edits) made while sharing was enabled will not be available (displayed) in Address Book when sharing is disabled. cf.http://www.insideoe.com/files/wab.ht...m/?kbid=191946 -- ~Robear Dyer (PA Bear) MS MVP-Windows (IE, OE, Security, Shell/User) I checked the registry. 4 DWORD's exist. FirstRun (1); OlkContactRefresh (0); OlkFolderRefresh (0); and UseOutlook (1). I changed UseOutlook to (0). That did the trick. Thank you.
|
|
#14
March 2nd, 2007, 05:44 PM
posted to microsoft.public.windows.inetexplorer.ie6_outlookexpress
|
|||
|
|||
|
DBX Folders & Security
racerdog wrote:
On Mar 1, 4:22 pm, "PA Bear" wrote: racerdogwrote: major snippage Here's an interesting development. As I mentioned earlier, (above), I use both OL & OLE. I noticed that Outlook has my personal address book loaded under "Contacts" But I have sub-folders with personal contacts listed there. So I deleted all the contacts from the "Contacts" folder which was fine. However, I noticed that Outlook Express Address book disappeared after I deleted the contacts from the OL "Contacts" folder. That tells me the two are related somehow. I can re-import the personal address book back into OLE but I don't want them to be inserted into OL. But I noticed after awhile they do insert back into OL. So what's up with that? Do you have this Registry key?... HKEY_CURRENT_USER \Software \Microsoft \WAB \WAB4 If not, STOP; If so, is there a DWORD named UseOutlook (NB: no space) and is its value set to 1 (one)? If not, STOP; If so, Address Book is configured to share contacts with Outlook, even if you don't use it (can happen with the install of Office). Change the value to 0 (zero), Address Book should be available to you and all should be well. (If that DWORD is not present, don't create it, and don't alter any other DWORD values.) Note that any changes (additions, deletions, edits) made while sharing was enabled will not be available (displayed) in Address Book when sharing is disabled. cf.http://www.insideoe.com/files/wab.ht...m/?kbid=191946 -- ~Robear Dyer (PA Bear) MS MVP-Windows (IE, OE, Security, Shell/User) I checked the registry. 4 DWORD's exist. FirstRun (1); OlkContactRefresh (0); OlkFolderRefresh (0); and UseOutlook (1). I changed UseOutlook to (0). That did the trick. Thank you. YW & thanks for posting back. -- ~Robear Dyer (PA Bear) MS MVP-Windows (IE, OE, Security, Shell/User)
|
|
| Thread Tools | |
| Display Modes | |
|
|
Linear Mode
