I think that Walter hinted at another scheme that hasn't yet been explicitly mentioned. By making a request like the one below the spammer can use their DNS server logs to track messages, even if all TCP access is blocked by a personal firewall. The answer, as stated below, is that any email client that does HTML mail should be highly restricted on what tags it interprets (no "active" content) and should not display anything that didn't come included with the message. Possibly there should be a special DTD just for this purpose. On Mon, 20 Aug 2001, Walter Hop wrote: ..SNIP.. > http://4747683621.spammer.com/ ..SNIP.. > Some mailers like "The Bat" have their own HTML engine that refuses to > do HTTP requests at all. This seems the best solution. -- Mark Tinberg <MTinbergat_private> Network Security Engineer SecurePipe, Inc. -- Managed Network Security Services Remember: Wherever you go, there you are!
This archive was generated by hypermail 2b30 : Mon Aug 20 2001 - 20:36:57 PDT