Hi, Its not fully an illusion, the way such things work is by placing a url in a html image tag pointing to a cgi script with the recipient's name or some kind of ID which will refer to the recipient. The theory is when the e-mail is opened in html mode, the html engine will go to the link to get the image (really a cgi script) the cgi script is then invoked, it takes the params of the tag, either makes a record in some kind of db (actual db or simple text file) or even sends an e-mail of notification to the sender, once thats complete it pumps out either the location of the real image to stdout or pumps the image's binary to stdout with its image identifier as the header.
This only works with e-mail clients that actively render html (ie: out-look, and any web based e-mail client (ie: hotmail, yahoo etc..)) However I've noted before that web-based clients such as horde, neomail, squirrel do not actively render html. This was/is a way that spammers verify e-mail addresses they place an image in the e-mail they send using a html image tag, and pass an id as a parameter, that id results in an e-mail address in their DBs once the image with that id has been grabbed off their server that event is recorded, from that they make their e-mail list CDs and sell it to other spammers, hence making another avenue for income. If you like I can send you a script that I have developed which will demonstrate this idiotic tactic for you. As far as applications go I really don't know of any specific apps that will do it. But I more than sure if you go into some spammer chat channels you'll be able to get info on that. you could also try joining the securityfocus.com ML Regards Arash __________________________________________________ Be one who knows what they don't know, Instead of being one who knows not what they don't know, Thinking they know everything about all things. http://www.partow.net ----- Original Message ----- From: "ocean" <[EMAIL PROTECTED]> To: "li" <[EMAIL PROTECTED]> Sent: Sunday, January 18, 2004 7:16 AM Subject: [linuxiran] Any good email security mailing list?!! > Hi > > Might seem a stupid question to ask here.. > But some time ago when I was surfing download.com I > came across a software which claimed to be capable of > informing you when your email has been opened by the > recipient!! I've forgotten the name of the software > and I don't know exactly where I should post this > rather ODD question so... > Is it possible or it's just an illusion? > > Cheers > > __________________________________ > Do you Yahoo!? > Yahoo! Hotjobs: Enter the "Signing Bonus" Sweepstakes > http://hotjobs.sweepstakes.yahoo.com/signingbonus > > > _______________________________________________ > bna-linuxiran mailing list > [EMAIL PROTECTED] > http://mail.nongnu.org/mailman/listinfo/bna-linuxiran > > _______________________________________________ bna-linuxiran mailing list [EMAIL PROTECTED] http://mail.nongnu.org/mailman/listinfo/bna-linuxiran
