The iframe tag is normally used in html pages and is generally used to load dynamic content into a section (frame) of the existing page.
Because it calls another page/url if this is used in an email it can be potentially dangerous.
I think there may be some security settings that you can change to limit this.
I never have the preview window open (by default) in OE until I know the source/sender of any email and I am usually offline when i read my emails so they can’t access the internet. This is I feel much better than viewing everything in plain text.
An html formated email even when viewed in plain text, still has the html content (the