> > There have been several questions over the last couple of weeks about
> > displaying external images in HTML formatted e-mails and the answer
> > is always that it is a security risk. Could someone (Sam?) please
> > explain where the risk is? The browser will fetch the URL and attempt
> > to render the file based on the file extension.
>
> ... Along with any trojan cookies, or rogue Javascript code. Not to mention
> the remote web server logging your transfer, thus, with carefully-crafted
> HTML, the sender will know -- without your knowledge -- whether
> and when the HTML E-mail has been read.
> ...
> Item #18 in your organization's FAQ mentions one privacy-invading practice
> which is prevented by blocking external images. I think that you may
> already know all the tricks that can be pulled with web bugs, and other
> kinds of funny business, in HTML-formatted E-mail messages.
>
> I know all about them too.
Yes, obviously I know about web bugs, and yes, we put them on our e-mails
(though we don't actually use the data for anything at this point and our
privacy policy prohibits us from passing the individual data onto our
clients). But I hardly consider them a "security risk". Invasion of privacy,
maybe, but that is a discussion for another time. As for rogue JavaScript,
I don't see a problem: since the browser doesn't do any HTML parsing on the
image file, putting JavaScript into a fake .GIF won't do anything but create
a broken image.
Someone else mentioned loading external images as a user option. I
implemented it as a global change, but I think I'll go back and see if
I can do it as an option when I get a little free time.
- Ron
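The mitigation the thread keeps coming back to, blocking external images so the sender's web server never logs a fetch that reveals when the message was opened, can be shown in code. The following is an added example, not code from anyone on this list or from Ron's mail client. It walks the HTML of a message, rewrites every reference that would cause a remote fetch (img/src, srcset, link/href, CSS `url(...)` in style attributes and `<style>` blocks, and so on) to a local placeholder, and reports what it blocked so a client could offer "load remote images" as a per-message option. It assumes a conservative rule that anything not addressed as `cid:` (an attached part) or `data:` (inline) is remote, and the placeholder file name `blocked-remote-content.png` is a constructed assumption. The sample message is constructed for the demonstration.

```python
"""Block remote content in an HTML e-mail before it is rendered (added example)."""
import html
import re
from html.parser import HTMLParser

# Attributes that make the renderer fetch a resource when the tag is drawn.
REMOTE_ATTRS = {
    "img": ("src", "srcset"),
    "input": ("src",),
    "video": ("src", "poster"),
    "audio": ("src",),
    "source": ("src", "srcset"),
    "link": ("href",),
    "iframe": ("src",),
    "script": ("src",),
    "body": ("background",),
    "table": ("background",),
    "td": ("background",),
}
# CSS url(...) references, quoted or bare, inside style attributes and <style> blocks.
CSS_URL = re.compile(r"url\(\s*(['\"]?)(.*?)\1\s*\)", re.I | re.S)
# Assumed local placeholder shown instead of the blocked resource (constructed name).
PLACEHOLDER = "blocked-remote-content.png"


def is_remote(url: str) -> bool:
    """Conservative rule: only attached (cid:) and inline (data:) parts are local.
    Everything else, including protocol-relative //host/... URLs, reaches a server."""
    return not url.strip().lower().startswith(("cid:", "data:"))


class RemoteContentBlocker(HTMLParser):
    """Re-emits the markup unchanged except for remote references, which are
    rewritten to PLACEHOLDER and collected in self.blocked."""

    def __init__(self):
        super().__init__(convert_charrefs=False)  # keep entities as written
        self.out, self.blocked, self._in_style = [], [], False

    def _rewrite_css(self, css: str) -> str:
        def repl(m):
            quote, url = m.group(1), m.group(2)
            if is_remote(url):
                self.blocked.append(url)
                return f"url({quote}{PLACEHOLDER}{quote})"
            return m.group(0)
        return CSS_URL.sub(repl, css)

    def _filter_attrs(self, tag, attrs):
        fetch_attrs = REMOTE_ATTRS.get(tag, ())
        result = []
        for name, value in attrs:
            if value is not None and name in fetch_attrs and is_remote(value):
                self.blocked.append(value)
                value = PLACEHOLDER  # srcset lists are replaced wholesale
            elif value is not None and name == "style":
                value = self._rewrite_css(value)
            result.append((name, value))
        return result

    def _emit_tag(self, tag, attrs, selfclosing):
        parts = [tag] + [name if value is None else f'{name}="{html.escape(value, quote=True)}"'
                         for name, value in attrs]
        self.out.append("<" + " ".join(parts) + (" />" if selfclosing else ">"))

    def handle_starttag(self, tag, attrs):
        if tag == "style":
            self._in_style = True
        self._emit_tag(tag, self._filter_attrs(tag, attrs), False)

    def handle_startendtag(self, tag, attrs):
        self._emit_tag(tag, self._filter_attrs(tag, attrs), True)

    def handle_endtag(self, tag):
        if tag == "style":
            self._in_style = False
        self.out.append(f"</{tag}>")

    def handle_data(self, data):
        self.out.append(self._rewrite_css(data) if self._in_style else data)

    def handle_entityref(self, name): self.out.append(f"&{name};")
    def handle_charref(self, name): self.out.append(f"&#{name};")
    def handle_comment(self, data): self.out.append(f"<!--{data}-->")
    def handle_decl(self, decl): self.out.append(f"<!{decl}>")
    def handle_pi(self, data): self.out.append(f"<?{data}>")


def block_remote_content(html_mail: str):
    """Return (sanitized_html, list_of_blocked_urls)."""
    p = RemoteContentBlocker()
    p.feed(html_mail)
    p.close()
    return "".join(p.out), p.blocked


# Constructed sample: one attached logo (kept), one 1x1 tracking image and two
# CSS backgrounds (all blocked).
SAMPLE_MAIL = (
    '<html><head><style>body { background: url("https://mail.example/bg.png"); }</style></head>'
    '<body><p>Hello &amp; welcome!</p>'
    '<img src="cid:logo@example" alt="logo">'
    '<img src="https://mail.example/open.gif?id=12345" width="1" height="1">'
    '<div style="background-image:url(http://mail.example/tile.png)"></div>'
    '</body></html>'
)

if __name__ == "__main__":
    sanitized, blocked = block_remote_content(SAMPLE_MAIL)
    print(sanitized)
    print("blocked:", blocked)
```

The blocked list is what a client would surface next to a "load remote images" button; the attached `cid:` logo still renders, so legitimately embedded graphics are unaffected, while the 1x1 `open.gif` pixel and the CSS backgrounds never produce a request to `mail.example`.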