Bugtraq mailing list archives
Re: HTML email "bug", of sorts.
From: "Daryl Banttari" <daryl () windsorcs com>
Date: Sun, 19 Aug 2001 13:31:03 -0500
From: "Alex Prestin" <wakko () bitey net>
So, anyone have any idea of how to deal with this latest little spammer toy? Is there any effective way to filter out web bugs without adversely affecting the delivery intact of legitimate messages? Could software change to at least warn viewers that this HTML viewer is accessing offsite content? Is it worth doing?
Hmm... I found a way to prevent image bugs/trackers from loading in Outlook Express. If you add your favorite mail server(s) to ZoneAlarm's "local network" hosts, then disable Outlook's ability to access the Internet (but leave intact Outlook's permission to access the "local network"), then mail can be received, but foreign images cannot load. Of course, this affects ALL images in ALL e-mail, but you asked for 'any idea' on how to prevent this. :-) BTW: The more I use ZoneAlarm, the more I like it. http://www.zonealarm.com/ (No, I don't work for them.) Daryl Banttari Author, "Daryl's TCP/IP Primer" http://www.ipprimer.com/ ----- Original Message ----- From: "Alex Prestin" <wakko () bitey net> To: <bugtraq () securityfocus com> Sent: Saturday, August 18, 2001 5:17 AM Subject: HTML email "bug", of sorts. I'm not sure this is the proper forum for "conspiracy-theory" bugs, but I figured this would be of interest to anyone trying to prevent the names of valid email accounts they either own or administer from being verified and added to "official" known-good spam rosters. You may have heard of "web-bugs" before. Or you may not have. For the benefit of the less-experienced, here's what they are and what they do: "Web bugs" are small, 1x1 (or similar-sized) transparent GIF images which can be used to track the movement of a user around the web. About 1 in 10 sites use them. Their effectiveness at this task is somewhat questionable, but they can be used more effectively for a different task: I've started noticing something very disturbing in the HTML in spam mails recently. I've started seeing web bugs. Below is an example from a recent email: <img src="http://www.megahardcoresex.com/sites/XXXXXXXX0 (continued) 3b/sf03b08152001.gif?M=XXXXXXXXX&ID=wakko () bitey net" width="1" height="1"> See it? A web bug. If I opened this mail in an HTML-capable browser, that little image would've popped up and I would've been none the wiser. My address would also have been verified by the sender, and stored in a large database of valid recipients. So, anyone have any idea of how to deal with this latest little spammer toy? Is there any effective way to filter out web bugs without adversely affecting the delivery intact of legitimate messages? Could software change to at least warn viewers that this HTML viewer is accessing offsite content? Is it worth doing? Anyone? Bueller? - A.P.
Current thread:
- Security Update: [CSSA-2001-031.0] Linux -security issues in ucd-snmp Support Info (Aug 17)
- HTML email "bug", of sorts. Alex Prestin (Aug 18)
- RE: HTML email "bug", of sorts. Russell Garrett (Aug 19)
- Re: HTML email "bug", of sorts. John D. Hardin (Aug 19)
- Re: HTML email "bug", of sorts. role+bugtraq (Aug 19)
- Re: HTML email "bug", of sorts. Daryl Banttari (Aug 19)
- Re: HTML email "bug", of sorts. Jon Masters (Aug 19)
- Re: HTML email "bug", of sorts. Jeffrey W. Baker (Aug 19)
- Re: HTML email "bug", of sorts. Jason Haar (Aug 20)
- Re: HTML email "bug", of sorts. Thor (Aug 20)
- Re: HTML email "bug", of sorts. John Fitzgibbon (Aug 20)
- Re: HTML email "bug", of sorts. Sean Straw / PSE (Aug 21)
- HTML email "bug", of sorts. Alex Prestin (Aug 18)