[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [linuxiran] Any good email security mailing list?!!
From: |
ocean |
Subject: |
Re: [linuxiran] Any good email security mailing list?!! |
Date: |
Sun, 18 Jan 2004 03:34:25 -0800 (PST) |
--- Arash Partow <address@hidden> wrote:
> Hi,
>
> Its not fully an illusion, the way such things work
> is by placing
> a url in a html image tag pointing to a cgi script
> with the
> recipient's name or some kind of ID which will refer
> to the
> recipient. The theory is when the e-mail is opened
> in html mode,
> the html engine will go to the link to get the image
> (really a
> cgi script) the cgi script is then invoked, it takes
> the params of the
> tag, either makes a record in some kind of db
> (actual db or
> simple text file) or even sends an e-mail of
> notification to the
> sender, once thats complete it pumps out either the
> location of the
> real image to stdout or pumps the image's binary to
> stdout with
> its image identifier as the header.
>
> This only works with e-mail clients that actively
> render html
> (ie: out-look, and any web based e-mail client (ie:
> hotmail,
> yahoo etc..)) However I've noted before that
> web-based clients
> such as horde, neomail, squirrel do not actively
> render html.
>
> This was/is a way that spammers verify e-mail
> addresses they
> place an image in the e-mail they send using a html
> image tag,
> and pass an id as a parameter, that id results in an
> e-mail
> address in their DBs once the image with that id has
> been grabbed
> off their server that event is recorded, from that
> they make their
> e-mail list CDs and sell it to other spammers, hence
> making
> another avenue for income.
>
> If you like I can send you a script that I have
> developed which
> will demonstrate this idiotic tactic for you.
Well thanks for the offer; I'll take it.
As far
> as
> applications go I really don't know of any specific
> apps that
> will do it.
They call it <email receipt> (as I found the term by
chance) and there are a bunch of softwares written for
it(as I found again by chance) most of which are for
that other >os<! I can observe them to find out more.
But I more than sure if you go into some
> spammer chat
> channels you'll be able to get info on that. you
> could also try
> joining the securityfocus.com ML
>
>
>
> Regards
>
>
>
> Arash
>
>
> __________________________________________________
> Be one who knows what they don't know,
> Instead of being one who knows not what they don't
> know,
> Thinking they know everything about all things.
> http://www.partow.net
>
>
>
>
> ----- Original Message -----
> From: "ocean" <address@hidden>
> To: "li" <address@hidden>
> Sent: Sunday, January 18, 2004 7:16 AM
> Subject: [linuxiran] Any good email security mailing
> list?!!
>
>
> > Hi
> >
> > Might seem a stupid question to ask here..
> > But some time ago when I was surfing download.com
> I
> > came across a software which claimed to be capable
> of
> > informing you when your email has been opened by
> the
> > recipient!! I've forgotten the name of the
> software
> > and I don't know exactly where I should post this
> > rather ODD question so...
> > Is it possible or it's just an illusion?
> >
> > Cheers
> >
> > __________________________________
> > Do you Yahoo!?
> > Yahoo! Hotjobs: Enter the "Signing Bonus"
> Sweepstakes
> > http://hotjobs.sweepstakes.yahoo.com/signingbonus
> >
> >
> > _______________________________________________
> > bna-linuxiran mailing list
> > address@hidden
> >
>
http://mail.nongnu.org/mailman/listinfo/bna-linuxiran
> >
> >
>
>
> _______________________________________________
> bna-linuxiran mailing list
> address@hidden
>
http://mail.nongnu.org/mailman/listinfo/bna-linuxiran
__________________________________
Do you Yahoo!?
Yahoo! Hotjobs: Enter the "Signing Bonus" Sweepstakes
http://hotjobs.sweepstakes.yahoo.com/signingbonus