R
Random832
2006-12-13 said:I am secure. Their customers aren't. It's stupid to endanger
people for no conceivable reason.
Their HTML emails are, presumably, no danger to the users. If someone
can hack their system to change the emails to include dangerous
javascript, they can hack their system to change the formerly text
emails to include html.
Encouraging the users to use a HTML email client may be dangerous, but
it is much harder to quantify.
Even stupider to deny that they can send pure text mail.
They may have an off-the-shelf (or "handed down from corporate" if the
person you talked to was from a local branch) solution that does not
provide this as an option.
Even if not, it might be more along the lines of "we can't justify the
expense of changing the system to allow us to send text email to one
person"