Hi all,
I was aware of the old technique of including a small hosted image in a message, thereby confirming the exact date and time a message has been opened and displayed by simply recording the time it was requested.
I've just found out about more dirty tricks though (eg, readnotify.com) which offers services such as time-bomb emails which self-delete at a preset time, messages which self-delete if you try to copy or print them, and tracking information which includes the following:
Date and time opened
Location of recipient (per their ISP city /town)
Map of location (available on paid subscriptions)
Recipients IP address
Apparent email address of opening (if available)
Referrer details (ie; if accessed via web mail etc)
URL clicks
How long the email was read for
How many times your email was opened
If your email was forwarded, or opened on a different computer
More information at: http://www.readnotify.com/readnotify/faq.asp.
My question is, how much of this can we block?!
Obviously if we use Pocomail we will defeat anything that relies on client-side scripting, and if we block all images we will defeat the simple served-image thing, but is it possible for email to do things while on the server (like delete itself, or report back-to-base)?
I always thought that email was essentially a one-way system, but after reading some of the stuff on that site I'm a bit confused.
It doesn't really explain how it works, so I was hoping someone here could enlighten me?!
Cheers!
Read receipts, print-disabled and self-deleting emails - YUK
Moderators: Eric, Tomas, robin
7 posts
• Page 1 of 1
Read receipts, print-disabled and self-deleting emails - YUK
by wortgames » Wed Aug 16, 2006 7:59 pm
- wortgames
- Poco Tourist
- Posts: 38
- Joined: Fri Sep 10, 2004 2:34 am
Re: Read receipts, print-disabled and self-deleting emails -
by Tomas » Thu Aug 17, 2006 6:58 am
wortgames wrote:It doesn't really explain how it works, so I was hoping someone here could enlighten me?!
I'm highly suspicious that it's not explained on purpose.
Tested and it doesn't work with Pocomail. They couldn't find that I read that email. Email I received just had a standard notify header, which Poco of course doesn't acknowledge unless you specifically have it setup to do so, which 99% of the users don't have.
Besides that, they also offer you to include some banners in your message that ask the receiving party to acknowledge receipt manually.
I didn't investigate neither of advanced features like PDF or Office Documents tracking, nor self-deleting emails, but I have no reason to believe otherwise than that this will be just another similar thing. Simple technology that is easily overcome by any sophisticated enough computer user that has a reason to overcome it.
Pocomail or similar non-Outlook client coupled with a firewall and it's safe even for casual PC users.
- Tomas
- Pillar of the Community
- Posts: 1418
- Joined: Sun Jul 25, 2004 1:34 am
by wortgames » Fri Aug 18, 2006 3:06 pm
Hi Tomas,
I guess the document tracking must work on the same idea as the hosted image, but I'm a bit confused about their ability to track how long you spent reading an email etc.
The 'self-deleting' content must rely on an externally hosted content (eg a HTML page) that can be deleted or changed at will?
I really don't know much about the technology behind email, but I would like to at least understand what these techniques are!
I guess the document tracking must work on the same idea as the hosted image, but I'm a bit confused about their ability to track how long you spent reading an email etc.
The 'self-deleting' content must rely on an externally hosted content (eg a HTML page) that can be deleted or changed at will?
I really don't know much about the technology behind email, but I would like to at least understand what these techniques are!
- wortgames
- Poco Tourist
- Posts: 38
- Joined: Fri Sep 10, 2004 2:34 am
by robin » Sat Aug 19, 2006 7:55 pm
This is interesting reading, but we need to look at the underlying mechanisms that they can use.
Tracking: you can track the delivery path of a message without ReadNotify provided the relay and recipient servers provide that information. You can do it from Outlook. But this only says when the message was delivered to the next link in the chain or to the final mail server. As far as I know, mail servers do not report back when you have opened/downloaded a message. BTW: they don't actually say whatthey track which makes me suspicious (like Tomas).
ActiveTracker plugins which work with every e-mail client (even Poco I'll bet): this is I think a proxy just like outgoing AV checking that adds the necessary header requests for tracking as above.
WebMail plugin is integrated into IE and works with Yahoo and MSN. It doesn't seem to work with FF / Opera (etc).
Ensured / retractable mail has to be stored on their server. The giveaway is that you have to add readnotify.com to the end - this means that your e-mail client delivers the message to readnotify.com; not to your recipient. I would imagine that the end recipient then receives a link to the message on readnotify's server which probably opens the message in IE.
Block print / copy: I would imagine that this works the same way - when readnotify's server serves up the message to the client browser, it disabled the copy and print facility in the browser window (although I struggle with the idea of sending someone a message that you don't want them to print...)
PDF tracking: "...provided you track the e-mail which contains your...PDF." Says it all really.
As for the other things, from what I understand about mail servers and clients, once the message has been delivered to you the sender can get no information about what you do with the message unless you let them - i.e. you allow a read receipt (I don't) or you allow the client to download that little image that says that you have read the message.
So to address the first question: how much can we block? The answer as I see it is "most of it". If the sender has used the readnotify servers then there isn't much that you can do about it (except refuse the follow the link that I assume you are sent - like I would if sent a link to somewhere else).
Tomas - you say you've tried it. Any more comments?
I've just found out about more dirty tricks though (eg, readnotify.com) which offers services such as time-bomb emails which self-delete at a preset time, messages which self-delete if you try to copy or print them, and tracking information which includes the following:
Date and time opened
Location of recipient (per their ISP city /town)
Map of location (available on paid subscriptions)
Recipients IP address
Apparent email address of opening (if available)
Referrer details (ie; if accessed via web mail etc)
URL clicks
How long the email was read for
How many times your email was opened
If your email was forwarded, or opened on a different computer
Tracking: you can track the delivery path of a message without ReadNotify provided the relay and recipient servers provide that information. You can do it from Outlook. But this only says when the message was delivered to the next link in the chain or to the final mail server. As far as I know, mail servers do not report back when you have opened/downloaded a message. BTW: they don't actually say whatthey track which makes me suspicious (like Tomas).
ActiveTracker plugins which work with every e-mail client (even Poco I'll bet): this is I think a proxy just like outgoing AV checking that adds the necessary header requests for tracking as above.
WebMail plugin is integrated into IE and works with Yahoo and MSN. It doesn't seem to work with FF / Opera (etc).
Ensured / retractable mail has to be stored on their server. The giveaway is that you have to add readnotify.com to the end - this means that your e-mail client delivers the message to readnotify.com; not to your recipient. I would imagine that the end recipient then receives a link to the message on readnotify's server which probably opens the message in IE.
Block print / copy: I would imagine that this works the same way - when readnotify's server serves up the message to the client browser, it disabled the copy and print facility in the browser window (although I struggle with the idea of sending someone a message that you don't want them to print...)
PDF tracking: "...provided you track the e-mail which contains your...PDF." Says it all really.
As for the other things, from what I understand about mail servers and clients, once the message has been delivered to you the sender can get no information about what you do with the message unless you let them - i.e. you allow a read receipt (I don't) or you allow the client to download that little image that says that you have read the message.
So to address the first question: how much can we block? The answer as I see it is "most of it". If the sender has used the readnotify servers then there isn't much that you can do about it (except refuse the follow the link that I assume you are sent - like I would if sent a link to somewhere else).
Tomas - you say you've tried it. Any more comments?
- robin
by Tomas » Sat Aug 26, 2006 6:36 am
robin wrote:Tomas - you say you've tried it. Any more comments?
I'm sorry but I don't have any more insights than what I wrote above.
I only tested the basics, that's true, but the total lack of specific information (the price was probably as much specifics as they seemed to be open to reveal) made me not to spend anymore time there.
Frankly, whole their website seemed to me like they are only after my money.
- Tomas
- Pillar of the Community
- Posts: 1418
- Joined: Sun Jul 25, 2004 1:34 am
by chrisretusn » Tue Oct 03, 2006 1:21 am
Robin,
That was an interesting read, including the HP investigators link in the blog. Thanks.
PocoMail (and Barca) are definitely equipped to handle this sort of thing. Including checking headers for Readnotify messages.
That was an interesting read, including the HP investigators link in the blog. Thanks.
PocoMail (and Barca) are definitely equipped to handle this sort of thing. Including checking headers for Readnotify messages.
Chris
PocoMail 4.8.0.4400 running in Slackware64 w/Wine
PocoMail 4.8.0.4400 running in Slackware64 w/Wine
- chrisretusn
- Poco Enthusiast
- Posts: 284
- Joined: Tue May 24, 2005 12:09 am
- Location: Philippines
7 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 0 guests