Am 13.11.05 23:31 schrieb(en) genbie:
I have used thunderbird for a long time and opened messages (from 'trusted' sources like companies that I subscribe to their news digests/alerts/etc.) containing images everyday like those in ad banners but did not think a lot about security risks.
Afaik, Thunderbird has the feature to block external images in mails, but with the option to load them upon request. Reason: see below...
Is the threat for real or is it just being extra careful on the part of developers of e-mail clients that do not allow for this feature? I may change my mind about opening images but I just want to make sure that the threat is real ;-)
At least it's a not too rarely used method by spammers or companies to verify that your mail address is alive. As an example, instead of adding a link like http://company.com/advert1.png, they add something like http://company.com/advert1 pl?from=your mail your domain org - not difficult if the message was created by a script instead of a human, and perfectly leagal from the HTML pov. As soon as you load the image, the "PNG script" can record a lot of information, in particular your mail address, but maybe also the MUA, the OS, etc. etc. - you get the picture!
Of course it will also return the image so that for the users of bad MUA's (read: M$ Lookout ;-) everything looks fine. Even worse, there may be JavaScript or similar stuff in it which might be executed if you use the wrong app (see sbove). Either Mailscanner or Spamassassin (don't recall exactly) are able to remove such stuff from (HTML-) Mails, but setting it up is not easy and looks like overkill...
Therefore, IMHO ignoring external links is a *really* good idea. For me, html mails are 90% spam, btw, but that rate will of course vary.
Hth, cheers,
Albrecht.
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Albrecht Dreß - Johanna-Kirchner-Straße 13 - D-53123 Bonn (Germany)
Phone (+49) 228 6199571 - mailto:albrecht dress arcor de
GnuPG public key: http://www.mynetcologne.de/~nc-dreszal/pubkey.asc
_________________________________________________________________________
Attachment:
pgp46IlV6gD7s.pgp
Description: PGP signature