Section 4.2. EMAIL

4.2.1. Pick the Default Email Program

THE ANNOYANCE: I use Eudora to read my email, but Outlook appears at the top of my Start menu. Can I put Eudora here instead, or does Microsoft want me to switch to Outlook?

THE FIX: Well, yes, Microsoft does want you to switch to Outlook. And they want you to use Word and Internet Explorer, rather than WordPerfect and Firefox. If they had their way, you'd be brushing your teeth with Microsoft Toothpaste. The good news is that you can have it your way; Sinatra would be proud.

To change the program that appears in your Start menu, right-click the Start button, select Properties, and choose the Start Menu tab. Make sure the "Start menu" option is selected, click the Customize button, and choose the General tab. Pick the desired program from the drop-down Email list in the "Show on Start Menu" section (see Figure 4-15), and click OK. (You can also remove the entry entirely by clearing the checkbox next to "E-mail.")

But the Start menu entry is only a small piece of the puzzle. What's particularly important is the default email programthe program that opens automatically when you click a mailto: link in a web page or email a file from within another application. To make your favorite email program the default, open the Internet Options control panel, click the Programs tab, and choose your program from the drop-down Email list. If you don't see your favorite email program here, see the "Add or Remove Email Clients" sidebar.

Figure 4-15. Choose your favorite email program to appear in the Start menu.

4.2.2. Stop Spam

THE ANNOYANCE: I downloaded my email this morning. Of the 873 messages in my inbox, only 4 were actually for me (my thinning hair and waning sex drive notwithstanding). Where are the other 869 messages coming from, and how do I stop them?

THE FIX: There is no perfect solution to the spam problem. Either you live with some junk mail in your inbox, or you employ a spam filter that occasionally deletes valid messages. Fortunately, a handful of steps can reduce your exposure to spam.

First, don't post your email address on web sites, in public forums, or in the backs of computer books. If you've already done this, you're already on every spam list on the planet.

If you're already getting tons of spam, now's the time to change your email address. Get your own domain name and create a bunch of different addresses for different purposes, such as for online shopping, for buying and selling on eBay, for newsletters, and for personal correspondence, and have them all go to the same inbox. That way, if one of your addresses makes its way onto a spam list, you can take down the address without disrupting the email to your other accounts. Better yet, create a new email address for every site you visit, such as,,, and That way, if an address starts getting spam, you'll know who sold you out.

Add or Remove Email Clients

If your favorite email program doesn't appear in either of the email client lists described in "Pick the Default Email Program," it doesn't mean that Microsoft specifically excluded it. Rather, it means that your application or email web site isn't properly registered with Windows.

The easiest way to fix the problem is to reinstall the program in question; if that doesn't help, check the vendor's web site for an update that fixes this problem.

If your program still doesn't show up, or if there are entries in the list you could do without, you can edit the list in the Windows Registry manually. Open the Registry Editor (go to Start Run and type regedit) and navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Mail. Here, you'll find a separate subkey for each program; to remove an entry from the list, just delete the corresponding subkey.

Adding entries is a little more involved. For starters, get the Gmail template I created for this task, available at, and save it to your desktop. Double-click gmail.reg, click the Run button if asked, and then click Yes. A message will note that the Registry has been updated with this information. Now open the Registry Editor to view the new entry, located at HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Mail\Gmail.

You can rename the Gmail key to whatever you like. To change the title that appears in Windows's Email list, double-click the (Default) value in the right pane, change the text in the "Value data" field, and click OK.

Next, go to HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Mail\Gmail\shell\open\command, double-click the (Default) value in the right pane, and change the address of the program in the "Value data" field. If it's an application on your hard disk, type (or paste) the full path and filename of the program's .exe file (e.g., c:\ProgramFiles\AcmeMail\acme.exe). If it's a web site, type the .exe filename of your browser, followed by the appropriate parameter (if any) and then the URL of the site. For example, if you're using Internet Explorer, type:

	iexplore.exe nohome

If you're using Firefox, type:

	c:\program files\firefox\firefox.exe

If you're using Mozilla Suite, type:

	c:\program files\mozilla\mozilla.exe url

Finally, set up your new Registry entry to respond to mailto: links you click in web pages. In this example, navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Clients\Mail\Gmail\Protocols\mailto\shell\open\command, and double-click the (Default) value in the right pane. In the "Value data" field, type the address of the program or your web-based email site. This time, you'll need to add the %1 parameter so that Windows can pass the email addresses you click to your email program. Check the documentation for your program or email site for the correct syntax, but for programs it should look something like this:

	c:\Program Files\AcmeMail\acme.exe /m %1

and for a web site (such as Gmail), you should type something like this:

	iexplore.exe -nohome

When you're done, test it out by clicking the Email entry in your Start menu and any mailto: link in a web page. If you run into trouble, just search Google for the word "mailto" and the name of your program (or email web site). You should find the information you need.

Once you've got a "clean" email address, turn off image fetching for HTML messages in your email software. Some email messages have embedded pictures (as opposed to attachments); when you view one of these messages, your email program fetches the picture from the server, and that server records the event. (And voilà, your email address has been captured.) If you turn off image fetching, those servers are never notified, and you'll stay off more spam lists. Here's how to turn it off:

Microsoft Outlook

Go to Tools Options, choose the Security tab, and, under Download Pictures, click Change Automatic Download Settings. Place a check-mark next to the "Don't download pictures or other content automatically in HTML e-mail" option, and then click OK in both boxes.

Microsoft Outlook Express

Go to Tools Options, choose the Security tab, and, under Download Images, check the "Block images and other external content in HTML e-mail" box. Then click OK.


Go to Tools Options, and choose the Display category. Remove the checkmark next to the "Automatically download HTML graphics" option, and click OK.

Mozilla Thunderbird

Go to Tools Options, and choose the Advanced Privacy category. Select the "Block loading of remote images in mail messages" option, and click OK.

Next, install an independent, passive spam filterone that marks potential spam as **Spam** instead of deleting itsuch as SpamPal (free, Then configure your email program's filter to send all email containing the text **Spam** in the subject line to the Junk or Trash mailbox. That way, you can get the spam out of your face, but later peruse your Junk mailbox for valid messages before purging it.

Most email programs (e.g., Outlook, Thunderbird, and Eudora) have built-in spam filters that can likewise route spam into the trash, but third-party programs such as SpamPal are more configurable and update their spam lists and definitions frequently. Note: SpamPal works with any POP3- or IMAP4-based email program, which means it doesn't work with AOL or with web-based mail systems such as Gmail.

If your spam situation is particularly bad, and passive spam filters aren't cutting it, there are more drastic options. First, contact your ISP and request that they employ a server-based spam filter such as Postini ( The downside: some valid mail may never make it to your inbox.

Note: All spam filters rely on up-to-date lists and definitions to block spam effectively, so make sure your spam filters are kept current. If you're using Outlook, you can get spam filter updates from Some other email programs, such as Eudora, include updates only with subsequent versions of the software; check your documentation for details.

Note: If you're running an online business, think twice before you deploy one of these aggressive spam filters. The last thing you want is a spam filter deleting your customers' emails! And eBay users take note: spam filters are the number-one cause of negative feedback for both buyers and sellers.

You can also employ a more aggressive interactive spam filter, such as Cloudmark Desktop (, which won't allow any email to reach your inbox unless the sender is on an approved-senders list. (Many ISPs, such as Earthlink, offer this type of service as well.) If a non-approved sender tries to send you a message, the program sends back an email requesting that the sender fill out a web form. This not only trips up spam (which is sent by machines), but lets you reject humans with whom you'd rather not correspond. Of course, you can also easily add any sender to your approved list. This approach can turn a flood of spam into a trickle, but it won't ever let through valid automated messages, such as newsletters, registration codes you've paid for, or order confirmation emails from online merchants. Also, these types of filters won't stop spoofed messages, wherein the sender is made to look like someone likely to be on your approved list (such as another user in your domain).

4.2.3. Don't Phall for Phishing

THE ANNOYANCE: I got a message from eBay telling me that my account would be suspended if I didn't update my information. When I got a nearly identical message from Wells Fargo, I got suspicious, seeing as I don't have a Wells Fargo account. What's the story?

THE FIX: Those messages aren't from eBay or Wells Fargo; they're spam. But unlike come-ons for weight loss and real estate schemes, this spam tries to trick you into revealing personal information.

The practice is called "phishing" (not to be confused with the musical group, Phish), and it works like this: you get an email that looks authentic (known as a spoof), and you're encouraged to click a link in the message. The link takes you to a web site that looks like eBay (or Wells Fargo, or whatever), where you're asked to log in. Type your username and password, and you'll unwittingly send your login information to the online thieves who created the fake site. Of course, your password isn't enough; often, you're asked to supply your credit card number, Social Security Number, mother's maiden name, and anything else they've thought of.

To avoid this trap, recognize the red flags. First, no reputable company will ever ask you to "verify" your information, and while many sites ask you to log in to access your account, you should never do so after following a link in an email. Instead, use a trusted bookmark or just type the URL into your browser's address bar by hand. Always examine your browser's address bar to make sure you're at a legitimate site, especially if you're about to type sensitive information into a web form. If you're not comfortable simply discarding the message, contact the company and ask if the email is legitimate.

Second, inspect any URLs in the message. Pass your mouse pointer over the link, and the address should pop up (assuming your email program supports this). Odds are you won't see something like, but rather a long arcane URL with lots of symbols, or a numeric web address like This is a sure sign that you've gotten a phishing email destined for the circular file!

Note: To further scrutinize a suspicious email, right-click the message body and select View Source to view the HTML source code of the message. Search for "http," and you'll find the real URLs tied to the links in the message.

If you've configured your browser to save your login information (see "Remember Web Site Passwords"), you'll know you're not looking at the real site if your browser doesn't fill out the form for you; browsers save passwords for specific URLs, and your PC can tell the real thing even if you can't.

Finally, you can switch to an email program such as Eudora that warns you of potential spoof emails. When you get a message asking you to verify your account, for instance, Eudora will examine the URL inside the message and display a warning message (see Figure 4-16) if it suspects phishing.

Figure 4-16. Eudora will warn you when you're looking at a message that appears to have been spoofed.

Note: If you just need to send a few snapshots, emailing them is fine… as long you shrink them down first. Your 8-megapixel digital camera creates 4-MB files, but your friends don't need full-resolution photos unless they're going to print them. You can use Microsoft's free Image Resizer utility (see "Quickly Shrink Many Photos" in Chapter 3) to make your image files smaller before you email them. The total size of all the files you send should never be more than 400500 KB.

4.2.4. Send Large Files

THE ANNOYANCE: After several painful experiences, I've finally learned my lesson about sending large email attachments. But I really need to send photos of my newborn daughter to my family, and I don't know any other way.

THE FIX: Clogging your relatives' inboxes with 20 megabytes' worth of attachments is definitely a faux pas. Do it twice, and they may configure their spam filters to automatically dump all your emails in the trash.

If you want to share lots of photos, the best approach is to put the files on a web server somewhere, and then send out an email with the server's URL. Your message will go out in a flash, your recipients won't have any trouble opening it, and they'll be able to download the files they want at their leisure. If you have your own web space (often provided free by your ISP), you can FTP your files to the server, and then send your friends an address like this:

where is your ISP's web site, myusername is your username, and DSCN0165.JPG is the name of a file you want to share. Contact your ISP for details.

Unfortunately, your ISP probably isn't interested in helping you host (and have your friends download) gigabytes' worth of data. If you don't have web space, or if your ISP restricts the types or size of files you can upload to it, visit YouSendIt ( You can upload any type of file to YouSendIt's servers, and they'll automatically email your recipients a link to your files. Your files are deleted after 7 days or 25 downloads, whichever occurs first. YouSendIt is free, requires no registration, and permits sharing of files up to 1 GB in size!

If you're only sharing photos, you have quite a few more options. For example, you can send your photos to a free photo printing/sharing service such as Shutterfly (, DotPhoto (, Flickr (, or Kodak Gallery ( Anyone with whom you choose to share your albums can view your photos one at a time, or as pages of thumbnails; they can even order prints for scarcely more money than it costs to print them at home.

If you want your pals to be able to download the full-resolution pictures (something most printing services won't allow), send your photos to Putfile ( After uploading your photos, Putfile supplies a URL to the files that you can send in an email. PutFile even generates HTML code you can reference on a web page, all for free.

4.2.5. Receive All Types of Attachments

THE ANNOYANCE: My clients email me attachments, and I can usually open them without a problem. But the other day, I received this message where the attachment should have been: "Outlook blocked access to the following potentially unsafe attachments: product list.mdb."

THE FIX: By default, Microsoft Outlook won't allow you to send or receive certain types of attachments, such as .mdb and .exe files; instead, you'll just get that error message. The rationale is that these files can contain viruses or other harmful code, but the fact that Outlook doesn't let you easily disable or at least customize this feature is just plain stupid. What's even more ridiculous is that Word (.doc) files, which are one of the most common transports of viruses, aren't blocked by default.

The simple fix is to have the sender resend the file, but with a different filename extension. (Better yet, have him zip up files to get them past the blocker, and make them smaller to boot.) I know what you're thinking: how secure is my system if Outlook can be so easily fooled by renaming product list.mdb to product list.mda? The answer: it isn't doing a good job, which is why spyware and viruses remain such a monumental problem in the PC world.

But what if the sender can't be reached, and you need the file right away? Or what if you need to be able to receive .mdb attachments every week?

To change the way Outlook works, you'll need to fiddle with the Windows Registry. Close Outlook and open the Registry Editor (go to Start Run and type regedit). If you're using Office XP/2002, expand the branches to HKEY_CURRENT_USER\Software\Microsoft\Office\10.0\Outlook\Security. If you're using Office 2003, expand the branches to HKEY_ CURRENT_USER\Software\Microsoft\Office\11.0\Outlook\Security.

Next, create a new string value by selecting Edit New String Value. In the right pane, type Level1Remove for the name of the new value. Double-click the new Level1Remove value to edit it, and type the filename extensions you'd like Outlook to allow in the "Value data" box. Extensions should be typed in lowercase, without the leading dots (.), and separated by semicolons (;). For example, type:


to allow .exe, .mdb, and .vbs attachments, respectively. Click OK and then close the Registry Editor when you're done.

Now, restart Outlook and open that email with the error message. You should now be able to open those previously blocked attachments. (If an attachment is still blocked, you likely got the filename extension wrong.)

Note: Of course, receiving all attachments means you'll now be able to get potentially harmful files via email. Even though the majority of viruses are actually contained in files Outlook doesn't block by default, such as .zip files, exercise caution when opening any files you subsequently receive. Certainly make sure to scan all incoming attachments manually with your antivirus program, or, if you don't trust yourself to remember, have your antivirus program automatically scan all incoming files. When in doubt, contact the sender to make sure they actually sent you the attachment in question before you open it.

4.2.6. Hide Old Email Recipients

THE ANNOYANCE: When I start to type the name of a recipient in an outgoing email message, my email program shows me a long list of matching names and addresses. Where did all these names come from, and how can I clean out the list?

THE FIX: Email programs build these lists by culling names you've typed previously, names of people in your In and Out mailboxes, and names in your address book. Unfortunately, this can include misspelled and obsolete names as well as valid ones.

To remove a single name or address from the history list in Outlook or Eudora, type the first few letters and, when the history list appears, highlight the errant entry (see Figure 4-17) and press the Delete key.

Figure 4-17. You can delete individual entries from your email program's history list.

You can also disable the history list completely. In Outlook, go to Tools Options, choose the Preferences tab, click the E-mail Options button, and then click the Advanced E-mail Options button. Uncheck the "Suggest names while completing To, cc, and bcc fields" box, and click OK in each dialog box.

In Eudora, go to Tools Options, choose the Auto-completion category, and uncheck the boxes next to all the options under the "Auto-complete items in recipient fields with data from" heading. If you don't want to disable the feature but you want to make it harder to accidentally select the wrong name, check the "Don't auto-complete, just list matches" box and click OK when you're done.

4.2.7. Back Up Stored Email

THE ANNOYANCE: Ever since my hard disk crashed last year, I've been paranoid about backing up my important data. Most of my files are easy enough to find in the My Documents folder, but I'll be darned if I can figure out where my email is located.

THE FIX: Backing up your email is as simple as making copies of the mailbox files. Their locations depend on the email software you're using.

Note: Eudora's .mbx files share the same format as Unix mailbox files, so if you want to import a few years' worth of mail you've been reading with Pine, it's as simple as FTPing the file into your Eudora folder (in ASCII mode) and renaming the file with the .mbx extension. Restart Eudora, and the imported mailbox will show up in the Mailbox menu!

Eudora typically stores its email in either the application folder (usually \Program Files\Qualcomm\Eudora) or your user data folder (\Documents and Settings\{username}\Application Data\Qualcomm\Eudora). Each mailbox is stored in two files: messages are stored in a plain-text .mbx file, and a corresponding "table of contents" is stored in a binary .toc file. So, to back up your Out mailbox, you'd need to copy both out.mbx and out.toc. Mailboxes in folders are stored in actual folders (e.g., Business.fol contains the .mbx and .toc files for your Business folder). Your best bet is to back up the entire Eudora folder and all of its subfolders, which will catch all your email, your address book, your personalities, and all your account settings.

Outlook, on the other hand, stores all your email, contacts, and even your calendar in a single binary .pst file located in your \Documents and Settings\{username}\Local Settings\Application Data\Microsoft\Outlook folder. (The exception is Outlook in a networking environment using Exchange Server, where your .pst file is stored on a file server somewhere; in this case, contact your administrator for help.)

Note: Since all of Outlook's data is bundled up in such a tidy package, there's no simple way to merge it with the Outlook data on another computer (say, if you quit your job and wanted to take your email home). Of course, you can overwrite one .pst file with another, but then you'll lose all your email on the target system. One solution is the Message Vault ($49,, which, among other things, can extract the mailboxes from a .pst file and export them to Eudora .mbx files. Also available is Microsoft's own Personal Folders Backup add-in for Outlook 2003, freely available from

If you're using Outlook Express, your email is stored in separate .dbx filesone for each mailboxin the \Documents and Settings\{username}\Local Settings\Application Data\Identities\{some long string of characters}\Microsoft\Outlook Express folder. Just back up the entire folder, and you're set.

Note: Find yourself making TinyURLs often? For a shortcut, just go to, and drag the TinyURL! link onto your browser's Links toolbar. Thereafter, just click the button to create a TinyURL from the current page.If you use Firefox, try the free TinyURL Creator (, or better yet, To use the tool, right-click an empty area of the current page and select "Create Tiny URL for this Page." A shortened URL is created on the spot and copied to the clipboard for your immediate use.

4.2.8. Email Long URLs

THE ANNOYANCE: Whenever I send an email containing a long web address, my recipient complains that it doesn't work. I finally realized that the long address was being broken apart somewhere along the way, but it's a hassle telling people that they need to reassemble broken URLs.

THE FIX: You've discovered the evils of word wrap. Your typical computer displays lines 80 characters wide. If you send someone a mondo URL, her email program will break it up into separate lines.

Since email vendors have yet to fix this glitch, one neat fix is to shrink the URL before you send it. For example, TinyURL ( can take any horrendously long URL, such as:,122.422682&spn=0.007197,0.009

and turn it into a tidy, easy-to-email URL like:

TinyURL is fast and free, and the URLs it makes never expire. Also available is SnipURL (, which does pretty much the same thing but adds tracking features.

So, what do you do when someone sends you a long URL? Well, you can highlight it, copy it to the clipboard (Ctrl-C), and then paste it into Notepad (Ctrl-V), where you can then proceed to manually reassemble the URL onto one line. (Take care to remove extraneous characters, such as spaces and punctuation, while leaving in the stuff that belongs.) Then, copy it again and paste it back into your web browser's address bar. Or, if you're using Firefox or Mozilla Suite, you can streamline this process with the free Open Long URL extension ( Install the extension, restart your browser, and then select File Open Long URL. Paste the long, broken URL into the box and click OK, and the extension will reassemble the URL for you and open the page. See? Much easier than fixing our email software.