Want CNET to notify you of price drops and the latest stories?

View HTML mail from trusted senders, plain text from others

Combine the features and formatting of HTML e-mail with the safety of plain-text messages by designating specific senders as safe.

Dennis O'Reilly Former CNET contributor
Dennis O'Reilly began writing about workplace technology as an editor for Ziff-Davis' Computer Select, back when CDs were new-fangled, and IBM's PC XT was wowing the crowds at Comdex. He spent more than seven years running PC World's award-winning Here's How section, beginning in 2000. O'Reilly has written about everything from web search to PC security to Microsoft Excel customizations. Along with designing, building, and managing several different web sites, Dennis created the Travel Reference Library, a database of travel guidebook reviews that was converted to the web in 1996 and operated through 2000.
Dennis O'Reilly
2 min read

My previous post described how to create a quick-and-simple HTML e-mail newsletter. I mentioned that you should view the plain-text version of the newsletter so you could see how it looks to recipients who have HTML mail disabled.

But what if you're on the receiving end? How can you ensure that you see the full-color, fancy-format HTML messages sent to you by people or organizations you trust, but are protected from potentially malicious HTML mail from bad guys? In Microsoft Outlook 2003 and 2007, it's easy.

Customize Outlook's message view
Start by setting Outlook to view messages as plain text by default. In Outlook 2007, click Tools > Trust Center > E-mail Security. In Outlook 2003, click Tools > Options > Preferences > E-mail Options. In both versions, check "Read all standard mail as plain text" and click OK.

Microsoft Outlook 2007 E-mail Security dialog box
Check "Read all standard mail in plain text" in Outlook 2007's E-mail Security dialog box. Microsoft

Next, allow HTML mail from sources you trust to appear by default. In both Outlook 2007 and 2003, click Tools > Options > Junk E-mail (under the Preferences tab). Choose the Safe Senders tab and make sure "Also trust e-mail from my contacts" is checked. You can also check "Automatically add people I e-mail to the Safe Senders List." Other options in this dialog let you add addresses manually and import or export your safe addresses as a .txt file. When you're done, click OK twice.

Microsoft Outlook 2007's Safe Senders dialog box
Make sure Outlook adds addresses in your contacts to its Safe Senders list. Microsoft

You can also add e-mail addresses to your safe list by right-clicking the address and selecting Junk E-mail > Add Sender to Safe Senders List.

I wasn't able to find a way to set Mozilla Thunderbird to view HTML mail from sources you trust and plain-text messages from everyone else. You can make the view change globally in Thunderbird by clicking View > Message Body As > Plain Text.

The other two options on this submenu let you view messages as either "Original HTML" or "Simple HTML." What's the difference? According to MozillaZine, simple HTML blocks Javascript and remote-image display and interprets only "basic" HTML commands.