[LINK] RFI: ReadNotify.com
Kim Holburn
kim.holburn at gmail.com
Mon Oct 22 21:09:52 AEST 2007
They definitely do use the embedded image, more than one, 3 or 4.
BTW the idea is that each email has an image with an identifiable
string so they and they use their web server to log requests for the
image. This bunch clearly tinkers with the content of your email
(which I hate). I wonder what happens if you send a digitally signed
email? Since I read emails as text mostly my email still hasn't been
"opened". I wonder what would happen if a linker were to open one of
the images? ;-)
BTW this is the whole of what was added. Appears to be a BG
soundfile as well. Perhaps that's how they monitor how long you had
the email open. There's a very strange host section in the
background image "http://0320.69.45444/" I haven't seen anything
like that before. How does that work?
> <div alt="lbzeage816hts1."><pre> </pre><pre>
> <br><Img moz-do-not-send="true" border=0 height=1 width=3 alt=""
> lowsrc=""
> Src=http://www.lbzeage816hts8.ReadNotify.com/nocache/lbzeage816hts9/
> footer0.gif><Img moz-do-not-send="true" Border=0 Height=1 Width=2
> Alt=""
> Lowsrc=http://www.readnotify.com/ca/rspr47.gif ><BgSound
> volume=-10000 Alt='' Lowsrc=""
> Src=https://tssls.lbzeage816htsv.ReadNotify.com/nocache/
> lbzeage816htsv/rspr47.wav><img
> src=www.lbzeage816htsh.ReadNotify.com/nocache/lbzeage816htsQ/
> rspr47.gif>
> </pre><table height=1 width=3 border=0><tr><td
> background
> =http://0320.69.45444/nocache/lbzeage816htsP/rspr47.gif> </td></
> tr></table>
> </div><div><title> trial message </title>
> <title>
>
>
>
>
>
> &zwj
> ;
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> </title>
> <title> trial message </title>
> </div alt="lbzeage816hts1."></BODY></HTML>
On 2007/Oct/22, at 12:25 PM, Kim Holburn wrote:
> So what happens when you send an email to several people or say a
> mailing list??
>
> I'm sure there is something like a return receipt mentioned in the
> smtp RFCs but it is voluntary.
>
> The usual technique is to include an almost invisible image from a
> website like a 1 pixel transparent gif for instance. It doesn't
> work if the person receiving the email has html viewing off or has
> their browser set to not display images from websites. It works if
> the recipient is using a webmail system of some sort. The site
> seems incredibly MS centric.
>
> This is the giveaway section:
>
>> Choose a message to display (shows up if the reader sees
>> unformatted email text, or moves the mouse over the banner)
>>
>> The sender of this message requests confirmation when you
>> read it. Click here to confirm.
>> Click here to confirm to the sender that you received this
>> message.
>> none
>> Other: Please specify:
>>
>> Note: this message goes out with all mail you send using
>> ReadNotify
>
> It also takes longer and sends all the emails through their
> servers. Apart from anything else this will of necessity take
> longer. Their servers would I assume strip the .readnotify.com
> from the recipients' emails addresses.
>
> I notice nothing in their terms and conditions nor privacy
> statement about what they will or will not do with the contents of
> your emails.
>
--
Kim Holburn
IT Network & Security Consultant
Ph: +39 06 855 4294 M: +39 3494957443
mailto:kim at holburn.net aim://kimholburn
skype://kholburn - PGP Public Key on request
Democracy imposed from without is the severest form of tyranny.
-- Lloyd Biggle, Jr. Analog, Apr 1961
More information about the Link
mailing list