HTML email and spam tracking (was RE: [Dshield] Getting even.)

Clint Byrum cbyrum at
Fri Mar 8 23:10:57 GMT 2002

On Fri, 2002-03-08 at 14:26, Peter Street wrote:
> You do have a *slight* problem with all of this.  Your sending these
> things about, and even reading the HTML based e-mail (which some 60+%
> is) is just going to mean you get more.  And more.  And more...

You know, this brings up a really big gaping hole in one of the most (if
not *the* most) popular email programs... Outlook/Outlook Express. I
don't know about other windows mail programs, but these two don't seem
to offer any method to stop downloading images linked to in emails.

Or am I just unclear about how security zones work? I have email in the
restricted zone.. so I would figure that would be enough.

I got trapped by this(and I'm sure a lot of other people did) this past
summer when it started running rampant. My users also have noticed a lot
more spam that comes in with their address in the To: field instead of a
bogus one. Sure enough these all have some sort of <IFRAME
src=""> In it.

I'm wondering if there is a good solution for this besides dropping all
HTML email(something my users say they are dependant on). Right now I
have about 40 domains in my squid block list. This prevents both the
tracking, and the not-so-bright users clicking the "unsubscribe".
Unfortunately, by the time I've added a domain most of the users have
probably already received the spam.

BTW: Ximian Evolution has, I think, the exact right solution. You can
tell it to only download the images when somebody is in your address
book. This way all those pretty newsletters you get still have their
images, but the spam just shows up w/o pictures in case you accidently
open it.

> I just /dev/null the lot, without reading or opening.

Ahh yes.. but... some will always slip through. :-P

Oh and also.. right on Hank... though I wonder if the Better Business
Bureau wouldn't be a better number to offer up. The police surely have
better things to do than talk to spammers all day. ;-)


Clint Byrum

More information about the list mailing list