Why could OpenVMS Mail be considered a security risk?

A.
OpenVMS Mail allows unprivileged unauthenticated (but potentially traceable) remote users to
test for valid usernames.

B.
OpenVMS Mail allows unprivileged unauthenticated remote users to see who is actively logged
on.

C.
DCL command procedures embedded in a mail message will be automatically executed during
user login unless the system manager defines the system logical name MAIL$DCL_DISABLE to
TRUE.

D.
Buffer overflows caused by out of specification message attachments may allow arbitrary code
to be executed without prompting the recipient.