Wolf vs Evolution E Mail

[Lawwolf]

Hi, I recently set up Evolution E Mail. I using version 2.12.1. Overall, I like it. However, I have one issue I can't solve. I can't set the e-mail preferences when I'm composing an e mail. The text size is quite small and it's not in bold. When I enter changes, the text will be larger and in bold until I hit ENTER to go to the next line. When I do that, the text reverts to a very small size without bold. Same thing happens when I try to change colors, use underline, etc. Oddly, I CAN make changes in text size, fonts, bold etc., for INCOMING e mails. I tried a few help forums for Evolution, but can't seem to find a specific fix.All help would be much appreciated.

[Bruno]

Hi LawwolfI am a big fan of Evolution myself, but do all my mail in txt and not in html . . . . so I probably will not be of much help.The rare occasions, only once every 3 years, I do send an html mail I first type all the text and do the formatting ( bold/colors/images ) after I'm finished typing. BrunoPS: I know that Kmail does behaves better with html mail . . . . maybe have a little test if you like the interface ? ( would not blame you if you preferred Evolution though )

[striker]

FWIW: I don't even accept any html formatted mail. Period.

[Urmas]

I believe there is a bit of an issue/oversight/bugaboo here that has to do with Evolution's (lack of) tweakability rather than "to html or not to html". Because Evolution is "bolted to GNOME", the [screen] font in composing box is defined in GNOME's screen fonts settings. And there seems to be no way of "overriding" this setting in Evolution.

[Lawwolf]

Well, problem solved. I switched to T-Bird. Thanks for the replies. If I ever find a fix to the Evolution issue I originally posted, I post it here. Wolf

[V.T. Eric Layton]

T-bird GOOD!

[Cluttermagnet]

T-bird good! Evolution good, too!(Fire bad!)Non-US forum members:"Fire bad!" is an inside joke- from an old Phil Hartman sketchon NBC Saturday Night Live show from years ago. A parodyof Mary Shelly "Frankenstein" character, and how he wouldfeel about fire. "Fire bad!"Oh- er, "html bad!" Security risk. You tell 'em, striker!

Edited February 16, 2008 by Cluttermagnet

[V.T. Eric Layton]

Security risk? In Linux? How so?

[Bruno]

If I ever find a fix to the Evolution issue I originally posted, I post it here.

That would be nice . . . because it might help other people with the same problem. Bruno

[Cluttermagnet]

Security risk? In Linux? How so?

Nope- obviously more in Windows. My bad. Never mind.

[striker]

Don't think nothing can happen just because you're on linux... that's a false sense of security! Keep your minds afresh and don't sleep behind the keyboard. It's a rough world out there and it keeps getting worse by the day if not by the hour. I think you guys should more often visit http://sunbeltblog.blogspot.com/ ,then you'll see what's going on out there. Fake codecs, fishing, fake redirects, you name it. In other words you're relatively safe but not immune, keep an eye on it!

[Urmas]

It's a rough world out there and it keeps getting worse by the day if not by the hour.

Indeed it is... so I decided - Eric's so busy nowadays, no guinea piggin', zero entertainment value - to go... er... overboard. Google-Google-Google... HEY! F-Secure's got a whachamacallit... Linux Security beta thingy... downloadable for evaluation. A Finnish company and all... real time protection, rootkit checkapoo, integrity verification (wasted on me, no integrity here), software firewall... all the goodies I've been missing since fire weeding the... ahem... other OS . So, without any deeper thought (detrimental and overrated), I fastened my seat belt and installed it in my Ubuntu Ultimate VBox "machine" (OK, OK, call me wussy, but I ain't THAT crazy... ). That machine has 390MB RAM, purrfect for my testing purposes. See?

F-Secure Linux Security should be installed on a computer that meets the following minimum system requirements: System requirements: Processor: 686 Memory (command-line only): 256 MB RAM Memory (full install): 512 MB RAM Disk space to install: 200 MB Required components: Linux kernel 2.4 or later glibc 2.2.4 or later 32-bit compatibility libraries on 64-bit distributions The following 32-bit Linux distributions are supported: Asianux 2.0 Asianux 3.0 Debian 4.0 Miracle Linux 3.0 Red Hat Enterprise Linux 3 Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 SUSE Linux 10 SUSE Linux 10.1 SUSE Linux 9.0 SUSE Linux 9.3 openSUSE 10.2 openSUSE 10.3 SUSE Linux Enterprise Desktop 10 SUSE Linux Enterprise Server 10 SUSE Linux Enterprise Server 9 Turbolinux 10 Ubuntu 6.06 LTS (Dapper Drake) Ubuntu 7.10 (Gutsy Gibbon) The following 64-bit (AMD64/EM64T) distributions are supported with 32-bit compatibility packages: Debian 4.0 Red Hat Enterprise Linux 4 Red Hat Enterprise Linux 5 SUSE Linux Enterprise Desktop 10 SUSE Linux Enterprise Server 10 SUSE Linux Enterprise Server 9 SUSE Linux 10.1 Turbolinux 10 Ubuntu 7.10 (Gutsy Gibbon)

Goin' for a "full" install, of course. SO: Downloaded it from here: http://www.f-secure.com/linux-weblog/2008/...ity-700-beta-3/Read the release notes (OK, only the "good bits"): http://www.f-secure.com/linux-weblog/files...lease-notes.txtAnd... ATTACK:

$ tar zxvf f-secure-linux-security-7.00.70103.tgz$ chmod a+x f-secure-linux-security-7.00.70103$ cd /home/urmas/f-secure-linux-security-7.00.70103$ sudo ./f-secure-linux-security-7.00.70103

That's it... opening it from Applications -> System Tools wakes up Firefox, goes to "http://localhost:28080/fsecure/webui". All configuration stuff etc is done there. Easy.I was so relieved... my Linux virtual machine - which runs on Linux host, which in turn is configured with Firestarter... and all this runs behind a decent router - was clean. Furthermore: I got the good old nostalgic feeling from those long gone days with the other OS... the virtual machine runs on less than 400MB of RAM, remember? Real time scanning and things & stuff do S-L-O-W things down pretty darn good. So... I don't think I'm gonna buy this one. But worth a try, and ten twelve points for making stuff for Linux.Ãœbersecurity in action... all leeches - ahem, systems - green :

Edited February 16, 2008 by Urmas

[striker]

OK Urmas, I know what you guys think. Have your fun with it. But I just keep hammering again: you're not immune.Whatever you all and this complete ATL + others think, you're not immune.Whether you have 10 high end routers daisychained and a software firewall running, HIPS, IDS, honeypots, the whole shebang. You're not immune.What you are is relatively secure when compared to the windows users, but only when the defenses are in place and working. If they are not (no router, and no firewall) you are at risk. And even with those in place and working, any user who also accesses the internet and mail is at a certain level of risk.You frequent this forums a lot, that's good and we highly respect your knowledge which you gained and you're humor and you're trying to help others. That's what we are here for. But what I also have seen is a daily increase in spammers and what not trying to registering here with not so nice goals. Kudos for the team we have in here doing the dirty works of weeding those out in the validation process. See, just another little example of keeping your eyes open.Now don't overreact: having a descent router in place and keeping your eyes open, that's one. But you should nevertheless not just download any crap out there without knowing where it comes from exactly and what it does. (I know some folks do that without knowing what they do. They think I'm on linux, so nothing can happen. ) In other words knowing the source. You should keep your eyes widely open when moving through the net, myspace, youtube, all places of higher risk.Don't agree with me? Ok, no problem. Gaming, well I hate that, but others love it. So to get the max out of it let's shut down that stupid firewall and also do a little portforwarding at the router, better yet DMZ it, results in almost double the speed when gaming. Right? Yep, could be. But it also could be you have something not so nice on the system after the game is over, without even knowing it. Ok, it might not run (yet), but it's on there. So now what? Head over to ATL and whine 'what's this file and where does it come from'?See what I mean?I didn't say a worth about dowloading propriatary stuff or stuff used to appeal at users feelings of security. O no, I just want to get that dumb overhyped stupid saying out of here like 'hey you're on linux, you're safe'. Because that simply just asks for trouble in the long run. Rootkits are just one example of being able to do damage on linux. There are a couple of checkers for it out there, nice. But once a rootkit is on your machine, your machine is compromised. Period. That means a simple killdisk, format and a reinstall from scratch.Another example is those of redirects on the net. Whether you're running linux or who knows what, if you just get on the net with that feeling of 'so what, I'm on linux, I'm safe, nothing can happen to my box' you're wrong for 100 percent and all others here at ATL who think the same.Again, I'm not trying to make people trembling for fear, I'm not telling anyone at all something else is more secure. What I am telling however is that while you may run linux succesfully and know your way around, and maybe having learned a lot in those couple of years you are using it, linux is not immune. It is however far more resistant against outside attacks, that's right. But not immune. If it was, you wouldn't have to run a router in front of it. And if you don't have a router, you wouldn't have to run a firewall instead.

[Urmas]

OK Urmas, I know what you guys think. Have your fun with it.

Fun = Good Actually, we agree... if not 110%, then at least 95. This is a good conversation to have from time to time: how much security is enough. For instance... would you use a "real time scanning" antivirus proggy in a Linux (and Linux only) computer that is otherwise more or less sensibly configured... although the owner isn't?Nobody's immune... especially when it comes to rootkits, but I still think running a real time virus scanner in a machine like described above is... overkill. Today. Tomorrow... who knows?Not into games, myself, that "world" is not familiar to me... but the most likely (and easiest to accomplish... good old social engineering at work) future threat is... well... "Honest Joe's Mandy/Buntu/Whatever Repository"... "Killer Freebie .debs and .rpms", that kind of stuff. Stupidity isn't going anywhere... just a matter of time, I'm afraid. :(Also:

I didn't say a worth about dowloading propriatary stuff or stuff used to appeal at users feelings of security.

No, you didn't. But - again - something worth discussing. Most of the players are "here" already... and real time scanning is offered by (at least, I'm no expert) Avira and ESET... and now F-Secure. Bottom line: full blown, "Windows style" security suites (looking for Windows bugs, mostly) are - more and more - marketed to home users. Kinda heavy artillery in TODAY'S situation. ClamAV+router+"software firewall" (such as Firestarter) should do it for the "average" home user, don't you think? And if using ClamAV from Terminal seems difficult, and GUI frontends (ClamTK etc.) feel slow... well, there are lighter, free (proprietary) alternatives... Avast! for example. Edited February 16, 2008 by Urmas

[lewmur]

Don't think nothing can happen just because you're on linux... that's a false sense of security! Keep your minds afresh and don't sleep behind the keyboard. It's a rough world out there and it keeps getting worse by the day if not by the hour. I think you guys should more often visit http://sunbeltblog.blogspot.com/ ,then you'll see what's going on out there. Fake codecs, fishing, fake redirects, you name it. In other words you're relatively safe but not immune, keep an eye on it!

That's why I keep a Vbox session for doing anything the least bit risky. I have a friend that loves to send emails with "attachments" to things he found funny or interesting. Prior to Vbox I'd have to discard them all "sight unseen." But with a Linux distro running in Vbox from a Linux host, I feel sufficiently safe to go ahead and enjoy the attachments. I have a cloned copy of the Vbox's virtual drive and regularly erase the virtual drive and re-clone it. So even if some malware sneaks through, it doesn't last long.

[striker]

Aha, I think we had a little miscommunication. Ok, Let's try to answer your remarks/questions one after the other.

For instance... would you use a "real time scanning" antivirus proggy in a Linux (and Linux only) computer that is otherwise more or less sensibly configured... although the owner isn't?

That's one of the most difficult questions to answer. Pure technically, when I don't run a server I would say no, I wouldn't run such a thing. OTOH when I have to send more than an occasional mail to a windows only user and I also receive more than occasional mails from windows users, then there might be the social aspect coming in. I would hate it when sending along something 'bad' to the other window user(s), albeit myself I wouldn't even know it was in the material to begin with.So they would start to blame me for this where in fact I received it from another windows user and just send it along to another windows user. These things can happen.So I would be the middleman for malware without wanting to be that: I would hate that when it happens. There's another OTOH tho : windows users should know they are at risk and need the usual army of defenses installed. So when their AV program kicks in and does its work, that's good. Albeit it still would be 'after the fact'. But when I have a client which comes from windows and decided to turn over to linux completely and only, I would probably build in the possibility to use at least something as ClamAV and I would clear them up about the differences (security wise) between windows and linux. So if they absolutely want an AV to be available it would be there. So it would be their decision to use it or not.

Nobody's immune... especially when it comes to rootkits, but I still think running a real time virus scanner in a machine like described above is... overkill.

When talking about a Joe users machine like the majority out there, yes it would be unnecessary for a complete suite, overkill : yes.And in fact I fear they might just kill the machines speed and grips with such a beast on it, especially where it in these situations for these kinds of users is indeed overkill.

Not into games, myself, that "world" is not familiar to me... but the most likely (and easiest to accomplish... good old social engineering at work) future threat is... well... "Honest Joe's Mandy/Buntu/Whatever Repository"... "Killer Freebie .debs and .rpms", that kind of stuff. Stupidity isn't going anywhere... just a matter of time, I'm afraid.

yep, correct. I have seen a guy doing what I explained above, a 24h a day gaming addict he was. He insisted to have linux on his box, so he got it. But there was no router, no firewall, nothing, nada, zilch.Widely open to al and everything. And this guy was also IM'ing and sending and receiving mail. However, this situation didn't last long...

No, you didn't. But - again - something worth discussing. Most of the players are "here" already... and real time scanning is offered by (at least, I'm no expert) Avira and ESET... and now F-Secure. Bottom line: full blown, "Windows style" security suites (looking for Windows bugs, mostly) are - more and more - marketed to home users.

Yep, I see it rise those packages. It comes down much to playing with users feelings, especially those who came from the windows world and are used to have those artillery on the machine. I think this is a bad development.

Kinda heavy artillery in TODAY'S situation. ClamAV+router+"software firewall" (such as Firestarter) should do it for the "average" home user, don't you think? And if using ClamAV from Terminal seems difficult, and GUI frontends (ClamTK etc.) feel slow... well, there are lighter, free (proprietary) alternatives... Avast! for example.

Exactly Urmas. I always say what's that difficult about a terminal? You once learned to ride a bike or a car, then you get a new one and you just drive along with it. There the few first minutes in the new car you will use to get an overview where all the controls are located this time and to see what's new. But once you got that, it's as if you were driving that new car for years. The same goes for the linux terminal in a sense they were once ready to learn windows, so why not learn linux now? And the terminal is not such a 'strange black thingy' compared to the windows command box.And yep, there are some GUI add ons out there for a couple of programs. And again yes, there are alternatives, correct.

[Urmas]

OTOH when I have to send more than an occasional mail to a windows only user and I also receive more than occasional mails from windows users, then there might be the social aspect coming in.

Not "might", "is". I've got ClamAV/TK handy in the right "Naughtilus Moose button"... whatever I send, I check. Edited February 16, 2008 by Urmas

[Bruno]

I think it's a moving target: viruses are a thing of the past, it's trojans, phishing, bot-nets and key-loggers that need our attention.Companies like Avast and F-Secure ( wanting a piece of the Linux pie ) just are always one step behind and have no way of keeping up with the latest trends.That is why keeping both eyes open and a fair amount common sense is the best defense . . . Bruno

[striker]

Spot on, that's what I was aiming at.

[Cluttermagnet]

Wow! Great discussion. Thanks, guys.Me? I'm still a little lax these days, but not so bad either. I'll study this thread for a long time to come, and think about all I've read here.I feel a lot safer running Linux, but being still a newcomer, I have soooo muchyet to learn. This kind of discussion really helps me. I've always been carefuland definitely very security conscious, but nonetheless, I think I have been atrisk all too many times. For gosh sakes, even simple graphics can now beconsidered a potential hazard. How much longer before the bad guys figureout a way to make a simple text file somehow misbehave? I feel like I'm onlyexagerating slightly.As I concluded back about a year ago, the only way to really be sure wouldbe to (on the Windows side) make a set of images at many points along theway during the install process (OS plus 3rd party apps), then regularlyrefresh with an image as prevention. Simply assume you have been root-kitted and act acordingly. Oh, and make sure all those images get madebefore ever even letting that box taste of the internet. What a world...Siiighhhh!

[Lawwolf]

I have very much enjoyed the above discussions also. I've learned a lot about the issues of plain vs HTML text and potential security threats to Linux users. The above comments are sobering and much appreciated. Just in case someone visits this post in the future looking for insights about Evolution e mail, I would like to add a few comments about what I've discovered since the last time I posted.For me, the biggest issue I had was trying to change the text size. Being far-sighted (literally, not intellectually) and running Linux on a notebook with a relatively smaller screen than I am used to; I was having a difficult time reading as I composed my emails. There is a way to get around that and it's only mildly annoying. After hitting ENTER and beginning a new line, simply move the cursor up and change the text size again. If desired, you will also need to do this each time to change the default colors, use bold text, etc. In retrospect, sitting closer to the screen and using a stronger pair of "store-bought" reading glasses would be an easy fix for me also. Switching to T-Bird was a good fix for me since (at least on my screen) the default text size is bigger and using plain text isn't a problem. Once again, many thanks to all who commented in this thread. Wolf.

[V.T. Eric Layton]

Didn't we kinda' sorta' go through all this "anti-virus in Linux" stuff here:http://forums.scotsnewsletter.com/index.ph...=avast&st=0

[striker]

Not exactly Eric. The motto 'I'm on linux so I'm safe' has to go for once and for all.One has to use his/her brains nowadays and look at what he/she is doing.

[V.T. Eric Layton]

I've never felt totally bullet-proof in Linux, Striker. I spent too many years in Windows. I'm still paranoid about security. That was the point of playing around with that Avast for Linux, but when I posted about it, I got the feeling that most folks here thought it was a waste of time and cpu cycles to use a virus scanner in Linux.

[striker]

That's right, a Virus scanner in linux is a total waste basically. Because the AV developers/manufacturers always walk behind the 'fact' which means it's just too late, and because a virus basically can't do anything on a linux box, assuming it's a windows virus. (and I haven't seen any other virus than for windows or other OS only, not even a single one for linux which could do any harm with the now in use kernels) There are of course exceptions for having an Antivirus program installed on a linux box which exceptions we tried to explain in the above posts. Indeed, the 'target' is moving nowadays, the bad people out there are just after your credentials and your money, and they will do everything they possibly can to get their dirty hands on it. They're not the incidental virus experimenters from years ago but high tech using skilled criminals : and yes, they are criminals based on US laws.