Today, I would like to talk about the habit that some companies still enforce. Sending HTML emails – ideally with some pseudo-legal notices and statements. Read on to find out why this is plain wrong on all counts.
Even before SMTP defined in RFC 821 there was email since the early days of ARPANET. Most of the people with access to email were scientists that were generally being able to adhere to some implicit principles. It can be summed up as being nice to each other and just use the technology to improve the information flow.
Later on, as more and more people gained access to email, things started to be slightly complicated. First unsolicited bulk email appeared, some people were rude and no longer was being connected to the network a guarantee that you are a reasonable person adhering to those nice principles. That is why Netiquette was written. It laid out basic rules for communication on the Internet and people were happy. For a while…
Also, from the early days of email, there were signatures. Back then that meant only snippets of text put at the very end of an email message with information about the sender. Name, online handle (nickname), surname, organization and maybe some ASCII-ART graphics to make it more personal.
As the network grew and the technology has advanced, digital signatures were added to email infrastructure. But also the ability to include attachments using MIME was added to the mix. And with that the unfortunate ability to create HTML emails.
But that is just the first level of badness. To make things worse, people include pseudo-legal disclaimers – usually in small font and in bold type-face – at the end or (even worse) at the beginning of the email. Although it has absolutely no legal binding for any – even unintended – recipient. Some lawyers just do not understand the technology and how it interacts with the legal system. The only result is – no digital signature of such emails can be trusted.
The worst thing of them all is if this pseudo-legal HTML disclaimer is injected by a SMTP server. And actually such action invalidates all digital signatures the email had. So maybe it is not that bad.
However, everyone can help. Even you! Just open up the preferences of your email client and disable HTML emails. For example in Mozilla Thunderbird you can do it as shown in Picture 1 below.
Picture 1: Disabling HTML email
You – and your company – should also use a trusted email server. If you are in charge, make sure users’ emails are not modified by your SMTP infrastructure. And if you are not in charge, talk to your CTO/CIO/CSO or in Europe to your DPO, because there some GDPR issues might come with inspecting email contents as well!
Thank you for staying with us and please, everyone, consider turning off HTML email in your email client and get back next week for some more authenticated news!
1. Wikipedia contributors. (2019, March 30). Simple Mail Transfer Protocol. In Wikipedia, The Free Encyclopedia. Retrieved 07:18, April 10, 2019, from https://en.wikipedia.org/w/index.php?title=Simple_Mail_Transfer_Protocol&oldid=890088488
3. Wikipedia contributors. (2019, March 25). Email. In Wikipedia, The Free Encyclopedia. Retrieved 07:20, April 10, 2019, from https://en.wikipedia.org/w/index.php?title=Email&oldid=889333181
4. Wikipedia contributors. (2019, April 4). ARPANET. In Wikipedia, The Free Encyclopedia. Retrieved 07:19, April 10, 2019, from https://en.wikipedia.org/w/index.php?title=ARPANET&oldid=890939968
5. Wikipedia contributors. (2019, March 3). Spamming. In Wikipedia, The Free Encyclopedia. Retrieved 07:21, April 10, 2019, from https://en.wikipedia.org/w/index.php?title=Spamming&oldid=886040700
7. Wikipedia contributors. (2019, February 15). ASCII art. In Wikipedia, The Free Encyclopedia. Retrieved 07:22, April 10, 2019, from https://en.wikipedia.org/w/index.php?title=ASCII_art&oldid=883447580
10. Wikipedia contributors. (2019, March 13). HTML. In Wikipedia, The Free Encyclopedia. Retrieved 07:23, April 10, 2019, from https://en.wikipedia.org/w/index.php?title=HTML&oldid=887642352
12. Wikipedia contributors. (2019, April 10). Unicode. In Wikipedia, The Free Encyclopedia. Retrieved 07:26, April 10, 2019, from https://en.wikipedia.org/w/index.php?title=Unicode&oldid=891791938