> <img > src="http://www.megahardcoresex.com/sites/XXXXXXXX0 (continued) > 3b/sf03b08152001.gif?M=XXXXXXXXX&ID=wakkoat_private" > width="1" height="1"> Ok, this has me scared now.... > So, anyone have any idea of how to deal with this latest > little spammer > toy? Is there any effective way to filter out web bugs > without adversely > affecting the delivery intact of legitimate messages? > Could software > change to at least warn viewers that this HTML viewer is > accessing offsite > content? Is it worth doing? Well, the problem that many people will have with these sorts of e-mails is known in the trade as Microsoft Outlook. What really scares me is that *simply clicking* on such an e-mail in Outlook, loading it up in the AutoPreview page, which many people regard as "safe" (scripts aren't allowed to run in it), will cause the bug to be loaded and your address to be verified. The most scary bit is that I don't think there is any way to disable remotely-loaded images in Outlook. True, you can choose which Internet Explorer Security Zone recieved messages fit into, but I don't think that even the "Restricted Sites" zone disables off-site image loading (I'll have to check on that one, the help isn't very clear). So, where does that leave a user? In Outlook, you can't tell if an e-mail is HTML without viewing it in the preview pane, in which case you've already confirmed your existence to spammers. You can't report the spam using such services as SpamCop unless you actually open the e-mail to get the source. Now you're gambling. Staring at this spam, betting as to whether it's html or text. But to *delete* the thing immediately, you need to select it, and in selecting it, you are loading it into the preview pane. I've turned off my preview pane to start with. And I think a script which warns you of (or preferably deletes) HTML e-mails before they are loaded needs developing. Cheers, Russ Garrett (rgat_private)
This archive was generated by hypermail 2b30 : Sun Aug 19 2001 - 10:06:37 PDT