Full Disclosure mailing list archives
RE: leaking
From: "Alerta Redsegura" <alerta () redsegura com>
Date: Wed, 12 May 2004 12:46:52 -0500
In the specific case we are talking about here: 1. Somebody sends a message to the list from a web-based e-mail service. 2. All messages sent from this web-based e-mail service have a banner. 3. The banner is an "img" tag with an "a href" to click on it. 4. The banner is not shown via "script" tags. 5. Neither the sender nor the web-based e-mail service have the list e-mail addresses: the message is sent to the list address! Now, I repeat the question: How can the web-based email service in this particular case, gather email addresses from the members of this list via this banner? ------ Aaron Peterson wrote:
You don't _collect_ email addresses (they obviously already have it if they are sending you email with it, ;) But you can verify email addresses with it. The easiest would be to put a hash or some other identifier of the users email address in the url for the image, then have mod_rewrite rewrite the url (or not, who cares... you just wanted to verify the email address was good) to an actual image on your system, and log the embeded info and compare to your known addresses.
------ Jimmy Kuijpers wrote:
The beatch is probably collecting our addresses for spam.
------ IƱigo Koch Red Segura _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: leaking, (continued)
- Re: leaking Dave Horsfall (May 12)
- Re: leaking KUIJPERS Jimmy (May 12)
- Re: leaking Gary E. Miller (May 12)
- Re: leaking Valdis . Kletnieks (May 12)
- Re: leaking Gary E. Miller (May 12)
- RE: leaking Aditya, ALD [Aditya Lalit Deshmukh] (May 12)
- Re: leaking Ron DuFresne (May 13)
- Re: leaking Dave Horsfall (May 12)
- Re: leaking Dave Horsfall (May 12)
- Re: leaking sith (May 12)
- RE: leaking Alerta Redsegura (May 12)
- Re: leaking sith (May 12)
- RE: leaking Alerta Redsegura (May 12)
- RE: leaking Alerta Redsegura (May 12)
- Re: leaking Alexander Gretencord (May 12)
- RE: leaking Dave Horsfall (May 12)
- Re: leaking Nancy Kramer (May 12)
- Re: leaking Dave Horsfall (May 12)
- Re: leaking Nancy Kramer (May 12)