I received an email from a friend which Avast suggested I block so I said “Block it” but it apparently failed, and said it could not scan the message body. The original message said something about “iframe” or something.
Now the “flag for followup” flag toggles endlessly on any email I have highlighted. A full scan did not find anything and repairing outlook did not fix it.
First I don’t use MS Outlook so I’m not familiar with this ‘block’ you speak of in avast! I couldn’t find this option in the Outlook/Exchange plug-in but offers other choices (see image) and avast shouldn’t have anything to do with the flag for follow-up in Outlook.
The iFrame check is part of the Heuristics checking of the Internet Mail provider.
The iFrame HTML tag is a powerful tool which can import and execute data. Whilst this is fine on a web site for importing dynamic data, it can still be put to malicious purposes as well as good.
It isn’t often used in emails and usually for ads, etc. however the potential for harm is great and since avast can’t assess that potential at the time of scanning, it has to wait until that content were downloaded (too late) that is why the Heuristics flag it as suspicious.
If you know the remote address/url that the imported data is coming from (and you trust it) you can add that to the permitted URLs in the Heuristics section of the Internet Mail provider.
I thought that the “I received an email from a friend” so I assumed (you know what they say about assumption) they sent it intentionally and it happened to have an iFrame tag in it, sometimes used in Yahoo groups or Intellimail, etc.
The image just shows the default options and not my recommendation, I would use either of the other two and probably the move to the following Outlook folder.