A common question asked regarding HTML e-mails is, “Why are pictures in my HTML e-mails replaced with warning signs, such as ‘This image has been removed for security reasons’?”
There are two kinds of images that come with your HTML e-mail: the ones that come attached with the e-mail itself, and others that link to remote sites. Images that are linked to remote sites are considered "unsafe" for the following reasons:
- Spammers can abuse this to validate your e-mail address
- The sender can know instantly whether you have read their e-mail or not (privacy concern)
- The sender can find out information about your browser, operating system, and your mail server (security concern).
Let's look at these issues in more detail:
Validating your e-mail address
Spammers can (and do) include specially-crafted image tags that include a "bug" used to validate that your e-mail address is a live one and that you actually read e-mail sent to this address. When such an image is loaded, a request is sent to the spammer's server, which notes in its database of e-mail addresses that you have, in fact, received and read the spam e-mail they sent. Such addresses are re-sold to other spammers, and the amount of spam you receive will grow exponentially.
Verifying that you have read your e-mail
This issue is a privacy concern. If there are images in the e-mail that link to the sender's website, they will know instantly when you have opened and read the e-mail they sent. This can be used against you if for some reason you decide to deny ever receiving that e-mail from the sender; they will have proof that you have received, opened, and read that e-mail.
Finding out information about you
Every time an image is loaded from the remote server, the server records a log entry describing what type of system you are using, including the version of your browser, your Internet IP address, and information about your mail server and the software running on it. This information can be used to carry out attacks on your computer or on the server where SquirrelMail runs.
Malicious tags
Images in e-mail can also be used to auto-execute cross-site scripting code in an attempt to trick your browser into revealing your account information to crackers with malicious intent.
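The sections above describe the two kinds of images and why a mail client replaces the remote ones with a warning. The following is an added example, not SquirrelMail's own code, of the filtering step a webmail client performs before rendering an HTML body: attached (cid:) images are kept, images that would trigger a request to a remote host are replaced with the placeholder text, and event-handler attributes of the kind used for the "malicious tags" case are stripped. The sample body, host names and tracking id are constructed for the example.

```python
import html
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample HTML e-mail body: one attached image, one remote
# tracking pixel and one remote image carrying a script handler.
SAMPLE_BODY = (
    '<p>Hello!</p>'
    '<img src="cid:logo@example" alt="logo">'
    '<img src="http://tracker.example/pixel.gif?id=abc123" width="1" height="1">'
    '<img src="https://cdn.example/photo.jpg" onerror="alert(1)">'
    '<p>Regards</p>'
)

PLACEHOLDER = "[This image has been removed for security reasons]"
REMOTE_SCHEMES = {"http", "https", "ftp"}


def is_remote(src):
    """True when loading the image would send a request to another host.
    cid: (attached) and data: (inline) images never leave the client."""
    s = src.strip()
    if s.startswith("//"):          # protocol-relative URL, still remote
        return True
    return urlparse(s).scheme.lower() in REMOTE_SCHEMES


class RemoteImageFilter(HTMLParser):
    """Rewrites an HTML body: remote <img> tags become PLACEHOLDER, attached
    images are kept, and on* / javascript: attributes are dropped everywhere.
    Counters record what was removed so the client can tell the user."""

    def __init__(self):
        super().__init__(convert_charrefs=False)
        self.out = []
        self.blocked = []          # remote image URLs that were removed
        self.stripped_attrs = 0    # event handlers / javascript: URLs dropped

    def _clean_attrs(self, attrs):
        kept = []
        for name, value in attrs:
            if name.lower().startswith("on"):
                self.stripped_attrs += 1
                continue
            if value is not None and value.strip().lower().startswith("javascript:"):
                self.stripped_attrs += 1
                continue
            kept.append((name, value))
        return kept

    def _emit_tag(self, tag, attrs, startend):
        parts = [tag]
        for name, value in attrs:
            parts.append(name if value is None else f'{name}="{html.escape(value, quote=True)}"')
        self.out.append("<" + " ".join(parts) + (" />" if startend else ">"))

    def _handle(self, tag, attrs, startend):
        attrs = self._clean_attrs(attrs)
        if tag.lower() == "img":
            src = next((v for k, v in attrs if k.lower() == "src"), None)
            if src and is_remote(src):
                self.blocked.append(src)
                self.out.append(PLACEHOLDER)
                return
        self._emit_tag(tag, attrs, startend)

    def handle_starttag(self, tag, attrs):
        self._handle(tag, attrs, startend=False)

    def handle_startendtag(self, tag, attrs):
        self._handle(tag, attrs, startend=True)

    def handle_endtag(self, tag):
        self.out.append(f"</{tag}>")

    def handle_data(self, data):
        self.out.append(data)

    def handle_entityref(self, name):
        self.out.append(f"&{name};")

    def handle_charref(self, name):
        self.out.append(f"&#{name};")


def filter_html(body):
    """Return (rewritten_body, blocked_urls, stripped_attribute_count)."""
    p = RemoteImageFilter()
    p.feed(body)
    p.close()
    return "".join(p.out), p.blocked, p.stripped_attrs


if __name__ == "__main__":
    rewritten, blocked, stripped = filter_html(SAMPLE_BODY)
    print(rewritten)
    print("blocked remote images:", blocked)
    print("stripped attributes:", stripped)
```

The decision is made on the URL scheme alone, not on the host, because the client cannot know which hosts are trackers; every remote load reveals the reader's IP address and browser regardless of who runs the server. Keeping the attached image shows why the warning appears only for some pictures in a message and not others.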
Only allow images in HTML e-mails to be viewed from e-mail addresses and companies that you know and trust.