To change the security zones settings for Outlook Express
As the use of e-mail and electronic commerce becomes more widely adopted, the amount of confidential information being exchanged over the Internet is growing rapidly. As a result, there is a need to make e-mail messages secure and private. In addition, with the growing popularity of ActiveX controls, scripts, and Java applets, there is an increased chance that the HTML content you receive in an e-mail message could damage or compromise files on your computer.
Outlook Express includes tools to protect you from fraud, ensure your privacy, and prevent unauthorized access to your computer. These tools enable you to send and receive secure e-mail messages and to control potentially harmful e-mail messages through security zones.
Outlook Express enables you to choose which Internet Explorer security zone your incoming e-mail messages are in — either the Internet zone or the Restricted sites zone. Which zone you decide to select depends on how concerned you are about active content (e.g., ActiveX controls, scripts, and Java applets) weighed against the freedom to run that content on your computer. In addition, for each security zone, you can choose a High, Medium, Low, or Custom security level setting.
For more information about security zones, see "Setting Up Security Zones" earlier in this chapter.
Caution
Changing the settings for the Internet zone or Restricted sites zone will also change this setting for Internet Explorer and vice versa.
To change the security zones settings for Outlook Express
To use secure e-mail in Outlook Express, you need a digital ID. Digital IDs (also called certificates) provide a means for proving your identity on the Internet, much as a driver’s license or other ID cards identify you.
Digital IDs let you sign your e-mail messages, so that the intended recipients can make sure that the message actually came from you and has not been tampered with. Also, a digital ID allows other people to send you encrypted messages.
For more information, see Outlook Express Help.
You obtain your digital ID from a certifying authority, an organization responsible for issuing digital IDs and continuously verifying that digital IDs are still valid.
Before you can send signed e-mail messages, you must associate your digital ID with the e-mail account you want to use it with.
To associate your digital ID with an e-mail account
Note
Only the digital IDs with the same e-mail address as the e-mail address for the account will be shown.
Part of your digital ID is an irreplaceable private key stored on your computer. If the private key is lost, you will no longer be able to send signed e-mail messages or read encrypted e-mail messages with that digital ID. You are strongly encouraged to make a backup of your digital ID in case the files containing it are damaged or made otherwise unreadable.
To back up your digital ID
Now that you have a digital ID, you can send secure e-mail messages. Secure e-mail messages in Outlook Express protects your Internet communications through both digital signatures and encryption. Using digital signatures, you can sign your e-mail message with a unique ID that assures the person receiving the message that you are the true sender of the message and that it was not tampered with in transit. Encrypting e-mail messages that you send can ensure that no one except the intended recipient can read the contents of the message while it is in transit.
Because Outlook Express uses the Secure/Multipurpose Internet Mail Extensions (S/MIME) standard, other people can read secure e-mail messages that you compose, using programs that support this technology. Likewise, you can read messages composed by other people by using e-mail programs that support S/MIME technology.
Signed e-mail messages let recipients verify your identity. To send signed e-mail messages, you must have a digital ID of your own.
To digitally sign an e-mail message
– Or –
Use the Digitally sign message button on the message toolbar.
Signed e-mail messages from others lets you verify the authenticity of a message — that the message is from the supposed sender and the message has not been tampered with during transit. Signed e-mail messages are designated with special signed e-mail icons. Any problems with signed e-mail messages that you receive (described in Outlook Express security warnings) could indicate that the message has been tampered with or was not from the supposed sender.
Encrypting an e-mail message prevents other people from reading it when it is in transit. To encrypt an e-mail message, you need the digital ID of the person you are sending the e-mail message to. The digital ID must be part of the person’s entry in the Address Book.
To send encrypted e-mail messages
– Or –
Use the Encrypt message button on the message toolbar.
When you receive an encrypted e-mail message, you can be reasonably confident that the message has not been read by anyone else. Outlook Express automatically decrypts e-mail messages, provided that you have the correct digital ID installed on your computer.
For others to be able to send you encrypted e-mail messages, they need your digital ID. To send it to them, simply send them a digitally signed e-mail message, and Outlook Express will automatically include your digital ID.
To send others encrypted e-mail messages, you need their digital ID. Outlook Express lets you retrieve digital IDs via directory services.
To find a digital ID
When you add someone’s digital ID to your Address Book, it has a trust status associated with it that indicates whether you trust the individual, group, or corporation to whom the digital ID was issued. If a digital ID owner warns you that he or she suspects that the digital ID’s private key has been compromised, you may want to change the trust status to "Explicitly Distrust."
To change the trust status of a digital ID
For more information, see Outlook Express Help.