[ale] Spam and HTML email
Christopher Gilbert
chris_gilbert at bellsouth.net
Mon Jan 5 12:42:51 EST 2004
Oh.. and remember your opting-in
by visiting the spamer's website. ;)
On Mon, 2004-01-05 at 10:51, Geoffrey wrote:
> Dow Hurst wrote:
> > I'd like to hear the security experts chime in on this. I've encouraged
> > users to disable images in Mail and Newsgroups in Mozilla, which is our
> > default email app. However, what your doing prevents even Outlook users
> > from getting whanged. I thought that images were able to contain
> > embedded information or even javascripts now. Is this true? What are the
> > current and coming threats from allowing embedded URLs? To me it seems
> > that inherently it is a bad idea to allow this no matter how much people
> > want to violate a practical security policy!
>
> You can certainly validate an email address by embedding a link to a
> unique image in a message if the mail tool displays images. Simply
> create a 1x1 pixel white image and name it to be unique, as:
>
> esotericAT3times25.net.png
>
> And then send it to me. If my browers opens the image, there'll be a
> record of such in the web server that's serving the image.
More information about the Ale
mailing list