Swidgets' Email Xray 2.6 is a Microsoft Outlook add-on that can help users detect and avoid malicious email content and access email attachments that Outlook blocks. The product installs easily on Windows 98 Second Edition (Win98SE) or later client systems running Microsoft Outlook 2000 or later. I tested Email Xray on both a Windows 2000 Professional machine running Outlook 2000 and a Windows XP Professional machine running Microsoft Office Outlook 2003.

As Web Figure 1 (http://www.windowsitpro.com, InstantDoc ID 46977) shows, the Email Xray window has five tabs. The Message Body (Safe) tab displays a sanitized version of the formatted message. Active links from the message are inactivated and appear in red, along with the links' actual URLs. The Message Source tab displays an unformatted version of the message, including HTML tags and hidden text. The SMTP Headers tab displays message routing information. The Attachments tab lists all attachments, including any images that the opened message would display. You can select and save files from this list—even script and executable files that Outlooks blocks. (This feature could be a con unless you can trust users to open files from trusted sources only.) The Report tab, which lets you email a report that includes the plain-text message, source code, and message headers, is one of the product's most useful features and offers easy reporting of suspect messages to your security staff.

Email Xray is fairly inexpensive and safely displays email message content, although I wanted it to identify potentially misleading content—something the product doesn't do. I'd recommend the product as a tool for training employees to recognize potentially malicious messages, but users must be conscientious about screening their messages or Email Xray won't be much help. A more practical use might be as a tool for technical and Help desk staff who prescreen messages.
—John Green



Email Xray 2.6
Contact: Swidgets (a division of Cyberworlds) * 608-362-0318
Web: http://www.swidgets.com
Price: Starts at $14.95 per client for 1 to 9 systems; ranges through $6.95 per client for 100 or more systems
Summary
Pros: Easy to install and use; fairly inexpensive
Cons: Doesn't interpret symptoms of phishing or Trojan horse attacks; effectiveness depends on user's diligence
Rating: 3 out of 5
Recommendation: A good user-training tool or tool for IT and Help desk staff.