[gaia e-mail] sanitizing web-bug images?

Andrew Sutherland asutherland at asutherland.org
Thu Aug 16 19:15:17 UTC 2012


On 08/16/2012 02:12 AM, Mark Banner wrote:
> Do you have any knowledge or suspicion of how many emails are sent 
> with just a single web bug image, and no other remote images?

I presume it to be rare in the case of newsletters/bulk e-mail.  I 
presume it to be fairly common in the case of services that provide 
individuals with tracking capabilities.  Although, a brief survey 
suggests that these services don't actually send 1x1 images.  For 
example (all examples are the domains with 'www' and 'com' stripped to 
avoid accidentally giving them any type of linkjuice):

- spypig: Embeds a choice of images, one of which is 20x20 pure white, 
or images of pigs or an image that actually says "I know you've read my 
email", or an image you upload.
- readnotify: Includes multiple image references in kind of a 
pre-emptive arms war kind of way per: 
http://blog.jgc.org/2006/10/peek-inside-readnotify.html .  The tracking 
images in the blog were height=1 width=3.  Interestingly, the img tag 
has "moz-do-not-send" set on it already, presumably to avoid subsequent 
false positives.
- didtheyreadit: Used an explicit 1x1 web bug in the past per 
http://nion.modprobe.de/blog/archives/598-DidTheyReadIt-or-did-they-read-it.html 
.  Used an Outlook? "nosend" attribute extension along the same lines of 
moz-do-not-send.

I am tempted to write a Thunderbird extension (that could be run in test 
pilot) to do the grunt-work of scanning an e-mail corpus to gather data 
just because it's interesting, but am unlikely to do so, so if anyone 
else wants to, please feel free!

> Purely, in my email history, I've only ever known this once where we 
> had it with getsatisfication at one stage, and we convinced them that 
> it was a bad idea due to UX and privacy, and convinced them to remove it.

The motivating example in this case was the recent mozillians e-mail 
with subject "Mobilize Mozilla:  NYC Marathon".  Mozilla may be more 
receptive than the average bear to Mozilla evangelism efforts.

Andrew



More information about the tb-planning mailing list