> However if I'm not mistaken Squirrelmail has had some vulnerabilities w.r.t. not
> properly protecting itself and your browser from embedded HTML, MIME attachments,
> and the like too....  (certainly several such web-based mail readers have had
> similar vulnerabilities and the problem is endemic to the protocols being used)


Oh, of course, security is an issue.  Just recently, IMP had some serious bugs that
are nowfixed.  But really, if you compare it to some of the bugs that Outluck was/is
vulnerableto, I think it's not as severe.  You just have to keep up with the patches and
advirsories.
(PS a search on securityfocus.com came up with only one vulnerability for squirrelmail,
and about 20 messages regarding IMP.  So squirrelmail is not that bad, you should try
it :-)