Helping people with computers... one answer at a time.

Blocking all email on a machine is going to be tricky. There are some other ways to do online banking securely.

Is it possible to configure an internet connected Windows XP, SP3, computer such that no email in or out is possible? I have a second computer for secure banking and I don't want to be susceptible to email hacking. I've removed all accounts from email account but imagine it's possible for viruses to install their own clients, and anyway Outlook Express seems to be inextricably woven into the fabric of XP, so I suppose a hacker could activate it. Occasionally, I get an Avast message that is saying that it's detected a secure email connection even though I have no clients other than Outlook Express and there is no obvious modem or disk activity.

In this excerpt from Answercast #78, I look at ways to keep one computer super-secure and use it only for online banking.

Blocking all email

The short answer to your question, if I take it absolutely, is "no"; there's really no way to prevent email from being sent.

All of the different ways we can talk about blocking it or preventing it - are all things that a machine could technically get around if the malware installed on it were sufficiently sophisticated.

Block email ports

We can talk about doing things like blocking the ports for email; outgoing email. But the problem is that in order for your machine to be functional, and useable for what you want it to do, it needs to be connected to the internet. There are certainly hoops that malware and other software could jump through that could actually use the same techniques that a web browser might use to send email.

In other words, you'd have to block your web browser completely, which would prevent your ability to even do the online banking you're trying to do.

Uninstalling Outlook Express

What I suggest you do is a little bit more than you've done. Certainly removing all of the accounts in Outlook Express is a good thing; and making you sure you have no other email clients installed is a good thing.

What I would do actually is go ahead and remove Outlook Express.

It's not in an obvious place. If you go to Add/Remove Programs, on the left hand side there is another option that says "Add/Remove" or "Change Windows Features." As it turns out, if you drill down into (I think) the Internet portion of the features that are available, you can actually uncheck Outlook Express.

I believe at that point it will be removed. That certainly will take you another step; that will help some more.

Block outgoing ports

If your firewall has the ability to block outgoing connections to port 25, 26 and 465 then those are ports that are worth blocking; those are commonly used to send email. 25 is probably the worst and if you can block only that, that's the one I'd have you block.

The problem is of course that, like I said, malware could use the ports that you need to actually do your online banking. It would render the whole operation moot if you can't do your online banking.

Safe browsing

So the other suggestion I make is - to play it safe:

  • Make sure you've got anti-malware software turned on;

  • That you've got real-time scanning turned on.

If things arrive while you're banking, then by all means, hopefully, the anti-malware software will catch it.

Try Linux

There's another school of thought here that I think might actually make some more sense.

If you're doing only online banking on this machine, you might consider whether it needs to run Windows at all. It's very possible that you could do everything you need to do using, for example, Linux.

You could get one of the popular Linux distributions (Ubuntu is the one that I usually recommend but there are others) and install it instead of Windows.

The reason I say that is not so much that it will reduce the number of malware attacks. What it does is reduces the number of malware attacks that can succeed.

Malware is typically targeted at Windows simply because Windows is, by far, the largest target and has the most number of people ripe for malware to succeed with. Linux does not.

That's not to say there isn't Linux malware - there is. But it's not nearly as common and not nearly as advanced, if you will, as some of the attacks that we're seeing against Windows.

You can install Linux; run a browser, and do all of your online banking. You could even use a utility like LastPass to share your passwords securely between your Windows machine, your Ubuntu machine, and whatever other machines you might have.

So if you really want to go down this route of security - the common, most secure solution that people tend to choose (if as you described all you really want to do on this machine is your online banking) is to consider installing a version of Linux and using that.

(Transcript lightly edited for readability.)

Article C6130 - December 13, 2012 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

4 Comments
bedlamb
December 13, 2012 10:05 AM

Completely agree that if you only use a particular machine for banking, you should use Linux. If you decide on Ubuntu, I believe it's the easiest for a novice to install. It can be installed beside, within, or instead of windows, depending on you choices.
Personally, I use Puppy Linux, because it's the simplest for me. Put it on a disk. Boot from the disk, and do whatever. It doesn't matter what other OS is on the machine, as it isn't running anyway.

othermike27
December 14, 2012 9:07 AM

Booting Ubuntu or another OS from a disk every time you want to do sensitive transactions certainly prevents any malware from modifying your system.

Seems a bit overkill (Leo - your thoughts?), but may be worth the trouble if you want to add another strong layer of protection to online transactions.

Eric J.
December 14, 2012 12:20 PM

Go to your email program and edit the Outgoing server (SMTP) setting to an invalid server or just delete the entry completely. No outgoing server, no email ever. This will not prevent using a web mail service, Gmail etc.

A Richter
December 14, 2012 12:26 PM

PuppyLinux on CD and/or USB stick would seem more convenient than installing Ubuntu if the only purpose is safe banking, from time to time. Puppy deploys in RAM only, and is a joy to run.

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to http://askleo.com/ask to ask your question.