Chronology Current Month Current Thread Current Date
[Year List] [Month List (current year)] [Date Index] [Thread Index] [Thread Prev] [Thread Next] [Date Prev] [Date Next]

Re: HTML Mail for PHYS-L: Pros/Cons



Derek Chirnside wrote:
I'm sure that osmeone else more knowledgeable could explain the issues here
and what could happen. But there seems to be a possibility for outsiders to
get in in some circumstances. ie www access, HTML finding it's way from a
mail out to the www can be a problem.

Everything I mentioned about server logs is run-of-the-mill for anybody
running a website. Everytime your browser gets a file from anywhere on
the web it provides some information about your computer - where to find
it being one piece of information. The thing I wanted to point out was
that convenience of loading external images from within an email message
is handy, but anybody who does it is also able to start putting two and
two together as they see fit... "lets see, I sent this message to these
people, and I find the associated images being read at these times by
these computers". Personally, I don't like to people to know how many
times and when I read their email to me. When my systems prompts me to
say the sender wants confirm ation of receiving a message, I always
reject it.

Here is one other thing, server logs also tell me about who clicks on
the links that I email to them via the network id number. In fact,
depending on how your system is set up you might be saying a lot to the
host computer whenever you click on a link in your email. Here is a
sample from my server logs:
mailbox:/C|/ProgramFiles/Netscape/Users/dcc/mail/Inbox?id=39E4778B.493E826A%40escape.ca&number=42250519
This is the "http_referer" showing how a person was refered to the web
page. To avoid telling you anything potentially private about anybody
else, I generated this by sending a message to myself. So here's what
you see:
The person (me) who asked for this web page did it by clicking on a link
that came to them in their mailbox. That mailbox is located on their
computer at C:/Program Files/Netscape/Users/dcc/mail/ and the message
was still in their "inbox". Their domain is escape.ca, so their email
address is dcc@escape.ca

This is something you might want to think about before clicking on any
links in your email in the future... So suppose that you receive some
spurious spam "ALL THE BEST HOT NAKED BABES ON THE NET". You're bored,
so you click to see what's up. After that you regularly receive similar
spam with a note "this is not spam, this is only sent to people who've
indicated an interest in this material". Now you know one way that they
can try to justify this claim.

\_/^\_/^\_/^\_/^\_/^\_/^\_/^\_/^\_/^\_/^\_/^\_/^\_/^\

Doug Craigen
http://www.dctech.com/physics/about_dc.html