ZZEE   1EAV   1st Email Anti-Virus 4.0 Help
www.zzee.com | Support | You are here: Contents > 6. Settings > 6.3. Message conversion settings

6.3. Message conversion settings

Setting Importance Recommended value Description
Convert to plain text Medium Checked If to translate HTML parts to plain text. Plain text is the most secure option.
Screen width for converted output text Low 72 The maximum length of the lines in the result text. If some line exceeds it, it is wrapped to fit into the width. 

HTML tables and other HTML containers may be the cause that some lines will be wider than the limit, because the HTML-to-text translator follows the lengths set by the tables; at the other hand, it doesn't chop non-breakable items that don't fit into the table columns, instead it enlarges the widths of the columns.

Leave as HTML, but remove all insecure things [such as scripts, iframes, etc] Medium May use this or  "Convert to plain text". If to translate HTML parts to safe HTML. It filters all tags and attributes that may be a security threat: scripts, ActiveX, Java, frames, etc.

This option is needed because plain text lacks HTML markup capabilities: colors, fonts, tables, etc.

Suppress inline downloads [web bugs]: images, etc High Checked If this item is unchecked, then on message view an email client may connect to the internet to download some images or style-sheets, thus sending the identification information and informing that the message is being read. 

It is highly recommended to have this item checked.

Copy original HTML parts to attachments as well High Unchecked If to copy the original, not translated HTML parts to the attachments. Original HTML may have some security threats, and being viewed from inside attachments, the file will be "trusted" by the browser. Thus the file can overcome any security settings of the browser.
ZIP all suspicious attachments High Checked If you don't zip attachments, then some of them may have a virus or Trojan, which can be automatically launched using a vulnerability in the email client program.
Skip zipping files with these extensions High ".zip;.gz;.tar;.tgz;.arj;.rar" Allow only already compressed files to be skipped from zipping.
Process attached email messages recursively High Checked When one email message needs to include the other, it uses message/rfc822 format to contain the other message. This usually happens in the delivery report messages, forwarding, in the message digests, etc. 

The included message can be insecure too, so it should be handled as well. It, in turn, can contain other messages in message/rfc822 format, so it should be done recursively.

1st Email Anti-Virus can process attached messages, so they become secure as well. It is recommended that you leave this option checked, as an intruder may send the harmful message simply as an attached email message, and if you open it, then harmful content may be rendered or executed.

Also this protects from the recently found fragmented message attacks.

Enable S/MIME compatibility High Checked, if you need to have the ability to receive encrypted messages or verify the signature of the signed messages. Unchecked otherwise. S/MIME is the format for signed or encrypted messages. If unchecked, the program will tamper multipart/signed parts by automatically modifying the part or its headers, and will zip "application/pkcs7-mime" and "application/pkcs7-signature" parts.

Note, 1stEAV doesn't perform signature verification, so when this setting is checked, a malicious user can sign a dangerous message and this way it can overcome the security settings.

Note: if you never used signed or encrypted messages earlier and it is not needed for you, then turn this feature off.

Note: never open any message with an invalid signature. Never open any message that has the certificate not signed by the trusted CA.