Internet Explorer can be tricked into sedning mail through its FTP client
without any more user interaction than loading a page !
IE will accept %0a and %0d in URLs. In FTP URLs, it will accept them in the username part of the URL.
Due to similarity between FTP and SMTP protocols, this can be used to send mail.
Vulnerable Products:
1) MS-IE 6.0.2800.1106, 6.0.2900
2) Outlook Express v6 SP1 Win2K
Reported by: http://packetstormsecurity.org/0412-advisories/ieTrick.txt
Exploit
By loading this page, you will send me a mail !