Email Security Testing Zone

Test the security of your email system!

Is your email system secure against email viruses and attacks?
The most deadly viruses, able to cripple your email system and corporate network in minutes, are being distributed worldwide via email in a matter of hours (for example, the LoveLetter virus). Email worms and viruses can reach your system and infect your users through harmful attachments. But that's not all! Some viruses are transmitted through harmless-looking email messages and can run automatically without the need for user intervention (like the Nimda virus). Are you covered against such threats?

Find out now by doing a vulnerability check on your email system!
 Sign up to test for these real world threats by entering your name and email address below. You will receive an email asking you to confirm your request by clicking on a URL, after which we will perform a vulnerability check of your email system. You will receive the results by email.

 Long subject attachment checking bypass test (for Outlook Express 6)
This test checks whether your system accepts emails with long subjects; in some versions of Outlook Express, long subjects can be used to bypass attachment checking. more info
Long subject attachment checking bypass test (for Outlook 2000)
This test checks whether your system accepts emails with long subjects; in some versions of Outlook, long subjects can be used to bypass attachment checking. more info
Attachment with no filename vulnerability test
This test examines whether your system accepts an attachment with no filename containing executable code that can bypass content checking security solutions. more info
Long filename vulnerability test
This test indicates whether your system blocks emails with attachments having long filenames, which can be used to trick a user into double-clicking the attachment, which can execute the malicious code it contains on the system. more info
Popup Object Exploit vulnerability test
Through this test, discover if your machine is vulnerable to the Popup Object Exploit which can automatically launch files on a vulnerable system. more info
Double file extension vulnerability test
This test shows whether your email system accepts emails which contain attachments with double file extensions. more info
ActiveX vulnerability test (works only on IE5.x)
Using this test, find out if your machine is vulnerable to the ActiveX exploit. more info
CLSID extension vulnerability test
This test reveals whether your mail server detects and blocks files with Class ID (CLSID) extensions. more info
CLSID extension vulnerability test (for Outlook 2002)
This test reveals whether your Outlook 2002 (XP) system detects and blocks files with Class ID (CLSID) extensions. more info
Eicar anti-virus software test
This test enables you to check if your anti-virus software is in place and functioning correctly. more info
Fragmented message vulnerability test (for Outlook Express)
 This test checks whether your server-level anti-virus/content checking system detects and blocks emails using the fragmented message exploit. more info 
GFI's Access exploit vulnerability test
 Through this test, discover if your machine is vulnerable to the Access exploit vulnerability discovered by GFI. This test does not apply to IE6 users who have the latest patches installed. more info 
Iframe remote vulnerability test
 Using this test, discover if your machine is vulnerable to the Iframe remote exploit. This test does not apply to IE6 users who have the latest patches installed. more info 
Malformed file extension vulnerability test (for Outlook 2002)
This test examines whether your Outlook 2002 (XP) system detects and blocks files with malformed HTA file extensions. more info 
MIME header vulnerability test (Nimda & Klez testing)
 This test examines whether your system is protected against emails using the MIME exploit. This test does not apply to IE6 users who have the latest patches installed. more info 
Object Codebase vulnerability test
 This test examines whether your system detects and blocks emails using the Object Codebase exploit. It is also suited to Outlook 2002. This test does not apply to IE6 users who have the latest patches installed. more info 
VBS attachment vulnerability test
This test checks whether your mail server blocks VBS attachments. more info
     
  
  Your email address is required in order to run these tests, as any test you select above will be emailed to you. WindowSecurity.com will keep your information confidential and will not sell, trade or exchange the names and email addresses supplied here.
  Name:
  Email:
  If you are on a company network, we recommend that you inform your network administrator before performing this test!
 

How the tests work & how to interpret them

These tests are designed to detect whether your email system is safeguarded against a number of email-borne threats. Some of the tests execute automatically, demonstrating vulnerabilities within Outlook and email clients which run the files automatically upon receiving or viewing the email. Others require the end user to run the attachment.

For tests involving an email attachment, such as the VBS attachment and the CLSID extension vulnerability tests:
If you can run the attached file in the test email, then you are vulnerable: The test will create a file on your desktop called gfi-test.txt, which contains vital system information.

If you are unable to run the attachment, this means you have effective desktop-level protection. For your network to be secure against this type of vulnerability, every machine on your network must have such client-based protection installed, including your servers.

For the MIME header and ActiveX vulnerability tests:
If the text file gfi-test.txt appears on your desktop, then you are vulnerable to the exploit being tested for. In this case, gfi-test.txt is created automatically and contains vital system information.

If you do not receive a test email that you requested:
This should mean that you are protected against that particular vulnerability; the test email will have been quarantined or blocked at mail server level.

Test safety guarantee
WindowSecurity.com guarantees that these tests are very safe and do not do anything dangerous.

More Security Tests

EndPointScan

With GFI's free web utility EndPointScan you can scan your network and know within minutes what devices are or have been connected to computers in your network and by whom. Once a scan is completed, GFI EndPointScan will display scan results in a graphical report. The report includes device usage, device threat level and computer risk level.

TrojanScan

Scan your system for trojans using this free online trojan scanner. Anti trojan software will allow you to scan and stop trojans from entering your network. A trojan remover is a vital addition to your network security toolbox, allowing you to clean a trojan virus which has already been installed in your system.

Email Security Test

Are you sure your Anti Virus solution is enough? Check whether your email system is vulnerable to email viruses, worms and other threats such as emails with potentially harmful attachments with VBS and CLSID extensions, emails with malformed MIME headers, HTML mails with embedded scripts and more. Includes Outlook and ActiveX vulnerability tests.

EventLogScan

Check for high security events happening on your machine, such as users logging on to your machine, accesses to important files on your machine, failed logon attempts, security policy changes to your machine, and more! Use EventLogScan to check that your system is truly secure!

Cross Site Scripting scan

Many businesses have fallen prey to Cross Site Scripting (XSS), as it is one of the most common yet underestimated of web attacks. Acunetix WVS Free Edition allows you to scan your website for XSS vulnerabilities, revealing all the essential information related to it, such as the vulnerability location and remediation techniques.


Receive all the latest articles by email!

Receive Real-Time & Monthly WindowSecurity.com article updates in your mailbox. Enter your email below!
Click for Real-Time sample & Monthly sample

Become a WindowSecurity.com member!

Discuss your security issues with thousands of other network security experts. Click here to join!

Community Area

Log in | Register

Solution Center

Readers' Choice

Which is your preferred network auditing solution?