On Thu, 6 Jan 2005 00:10:51 -0500 (EST), D. Glenn Arthur Jr. wrote: > The first is a simple privacy exposure: some spam > includes references to images to be loaded from a web server, > rather than included in the message itself, and the filname > of an image will be coded with the recipient's address to let > the spammer know that that message was opened and viewed in > an HTML-aware MUA -- that the address does actually reach a > human.
Not necessarily a simple privacy exposure. With the recent vulnerabilities discovered in the decoding of a couple of different types of graphic files (PNG, I think, and maybe JPG), the "load an image from a foreign server" that used to be a simple "web bug" privacy exposure can now be a direct, executable-code-injection, take over your system vulnerability. TTYL, DougF KG4LMZ
