Seems allowing HTML in Outlook, Outlook Express and Netscape E-mail clients can be exploited quite easily by Spammers or anyone who wishes to gather information such as Valid Address, Date and Time of opening E-mail, IP address at time of opening and other information normally contained in header info of E-mails.
This also begs the question if other code could be embedded into into an E-mail without our knowledge!
Ran into a website that graphically showed the vunerablility we face if someone wants to be tricky.
This is basically how it works.
Sendor of E-Mail Embeds Img Src code for object via code and directs source back to thier server. This object could be as small as 1 pixel x 1 pixel and also transparent so you do not know it is happening. When request for object is received at sending server information of request, IP address, E-Mail Address, Time and date stamp user agent info, Client, OS and versions all can be gathered.
This is bad enough but it will also happen if crafted message is forwarded on to anyone else!
Seems the more creative one gets with their communications the more vunerable one becomes to misuse!
Here is the site that explains the problem further and has a working model of it to show the vunerability!
Many thanks to Jim Mackraz for providing us with this heads up!
http://mackraz.com/trickybit/readreceipt/
Dave
This also begs the question if other code could be embedded into into an E-mail without our knowledge!
Ran into a website that graphically showed the vunerablility we face if someone wants to be tricky.
This is basically how it works.
Sendor of E-Mail Embeds Img Src code for object via code and directs source back to thier server. This object could be as small as 1 pixel x 1 pixel and also transparent so you do not know it is happening. When request for object is received at sending server information of request, IP address, E-Mail Address, Time and date stamp user agent info, Client, OS and versions all can be gathered.
This is bad enough but it will also happen if crafted message is forwarded on to anyone else!
Seems the more creative one gets with their communications the more vunerable one becomes to misuse!
Here is the site that explains the problem further and has a working model of it to show the vunerability!
Many thanks to Jim Mackraz for providing us with this heads up!
http://mackraz.com/trickybit/readreceipt/
Dave