Outlook won't open link properly

[Duane]

I am subscribed to SAT's "Question of the Day". I get e-mailed a sample SAT
question each day, with hyperlinked multiple choices. When I click on an
answer, the browser opens to SAT's homepage (collegeboard.com) instead.
If I copy the link to a browser page (or click on it in a Word doc, at
hotmail.com, etc.), it follows properly.
Here's an example link:

http://click.collegeboard.com:8080/...td/answer.do?questionId=1138&answerCd=A&src=E

Any ideas?
Thanks,
Duane

 

[VanguardLH]

I am subscribed to SAT's "Question of the Day". I get e-mailed a sample SAT
question each day, with hyperlinked multiple choices. When I click on an
answer, the browser opens to SAT's homepage (collegeboard.com) instead.
If I copy the link to a browser page (or click on it in a Word doc, at
hotmail.com, etc.), it follows properly.
Here's an example link:

http://click.collegeboard.com:8080/...td/answer.do?questionId=1138&answerCd=A&src=E

Outlook is an e-mail client that supports HTML rendering of e-mail.
Outlook is NOT a web browser. As a security measure, scripts are not
executed in e-mails. Would you want scripts running in e-mails that you
receive from just anyone? Most like the answer.do page runs a script.

The default for Outlook is to render HTML-formatted e-mails under the
Restricted Sites security zone. That prevents scripts from executing.
You could change the security options in Outlook to use the Internet
security zone to run scripts but then ALL e-mails could run scripts,
including spam and phish e-mails.

 

[Duane]

Thanks, VLH. That's a good explanation.
Can you tell me where (Outlook 2007) that security setting is? I'd like to
temporarily change it to confirm the problem.
Perhaps I should ask, can an e-mail run a script automatically (without me
clicking it, etc.)? If so, is there a difference in the security setting
between those that can and those (like the mentioned e-mail) that have to be
clicked?
Thanks again,
Duane

 

[VanguardLH]

Can you tell me where (Outlook 2007) that security setting is? I'd
like to temporarily change it to confirm the problem.

Hint: It's a "security" option.

When you are viewing an HTML-formatted e-mail, there isn't a
View -> View in Internet zone" menu? In OL2007, maybe it got moved to
"Other Actions -> View in Browser". Scripts will run from there since
the web browser's default will be to use the Internet security zone.

Perhaps I should ask, can an e-mail run a script automatically
(without me clicking it, etc.)?

Scripts can be embedded into URLs. URLs can point at server-side
scripts (I suspect that's what is happening with you). Scripts can be
ran as a mouse click event. Depends on how the HTML code was setup.
Both methods will be blocked when the HTML-formatted e-mail is rendered
under the Restricted Sites security zone, the default.

If so, is there a difference in the security setting between those
that can and those (like the mentioned e-mail) that have to be
clicked?

Nope. The same security zone gets applied to all content in the
HTML-formatted e-mail.