Many of you know that I continue to surf developerWorks:Lotus. I am struck by the number of people that are still wondering how to resolve the issue when HTML mail is received with red X's in the body, like this:
In most of my experiences, it is due to a missing or wrong proxy entry in the Location Document - Basics Tab:
Of course, this setting depends on your networking configuration.
If this is not the issue, IBM has a TechNote that addresses the other causes of this issue. From the TechNote:
You receive an e-mail such as a newsletter from the Internet into your Lotus Notes® client. The e-mail is an HTML document containing images which display as red "X"s. You may also notice the following message in the status bar:
"Document attachment is invalid." (in R5)
or
"Image or Object not found on server/" (in R6).
Answer
Reachability is the main issue concerning red X images in the Notes client.
Notes makes requests from the client to the Internet to the images that reside on a specific server. For example, a specific Yahoo newsletter may make the following references: <img src="http: // images.yahoo.com / yahoo.jpg">
Regardless of the browser setting in the Location Document, the "perweb" is the process that retrieves the images (see below for more information).
NOTE: Having an invalid proxy server can also cause this issue:
Link: Troubleshooting Internet HTML e-mails with images appearing as red Xs
Technorati tag: SnTT Show-n-Tell Thursday
Comment posted by JYR06/12/2008 11:25:55 PM
Hi Gregg,
The main reason is cited in the Technotes:
The main point is that Microsoft proxies that use NTLM (Windows domain authentication / Microsoft security's protocol) is not supported. The protocol is a proprietary protocol (much like NRPC) that Microsoft uses in its suite of products (IE, Outlook, Windows login).
Many of the clients that I went had the exact same problem, We've opened a PMR back in 2004.
There is no way for Notes to pull proxy server authentication from the browser and Notes will request this information even if IE is set to the default browser. Lotus Notes SPR # GMAA5J8C5Y requests that authentication not be required if IE is set as default browser.
JYR
Comment posted by Tim Lorge06/13/2008 01:16:14 AM
Homepage: http://www.groupwarenews.com
I've been all through that technote a billion times and I still intermittently get the damn red x. What really burns my cookies is that we don't use a proxy server and that's all that's really listed as an issue. The funny thing is, it's only when viewing in Notes. If I view the same email in DWA ... or iNotes or whatever it's being called this week, I don't get it.
What I've discovered, and this isn't in any of the technotes, is in Notes 8, there is a preference setting located in File > Preferences > Mail > Internet called "Image Security". You need to uncheck the box that says "Do not show remote images without my permission". It's still hit or miss but better.
Hope that helps.
Your Buddy,
Timbo
Comment posted by Nathan T. Freeman06/13/2008 06:47:45 AM
Homepage: http://nathan.lotus911.com
Tim, has it occurred to you that you're subjecting yourself to email address harvesting by unchecking that box? When you have it checked, all you have to do is click the "show images" link on the right side of your mail and all the images will be retrieved. But it's there to give you the opportunity to decide whether the HTML mail is from a trusted source.
If you think like an attacker, you'll see that there's really a substantial amount of information that could be gained when you elect to retrieve images from a message that the sender knows was addressed specifically to you.
Comment posted by Tim Lorge06/13/2008 09:54:36 AM
Homepage: http://www.groupwarenews.com
Nathan, C'mon man, What, do you think I'm some sort of newbie? It was 1 AM when I wrote that. I may have been a bit tired. My apologies.
To answer your question, yes I did and rejected it. First of all, for the sake of the newbies, if I don't know who sent the mail or know it isn't a trusted source, I'll either open it on my BlackBerry or just delete it.
Second, your assumption/fear or, perhaps problem, is that Spam and other illegitimate crap is getting through. In my environment, that doesn't happen courtesy of the Symantec Mail Security Appliance. I don't have a Spam problem with that box. It automatically updates Spam & virus definitions every 6 or 7 minutes. If you are running any other anti-spam tool, do yourself and your users a favor and get a demo unit from Symantec. You'll be amazed.
Third, and perhaps more to the point of my response, the Image Security "feature" is largely undocumented, not mentioned in any of the technotes and the cause of the issue in Notes 8.
We as admins really need to look at our environments and idiot proof them as much as possible. If there is a feature of Notes that the user can or needs to modify, we have to take it upon ourselves to ensure that it is safe for them to do that. Most users don't know what directory harvesting is nor should we expect them to concern themselves with it. If there is something within Notes that could cause that to happen, it's up to the admin to take every possible step to prevent that from occurring. Preventing directory harvesting is our jobs not the users.
BlogSphere V1.3.1
Join The WebLog Revolution at BlogSphere.net