Security Basics mailing list archives
RE: readnotify.com
From: "Ebeling, Jr., Herman Frederick" <hfebelingjr () lycos com>
Date: Wed, 25 Jan 2006 13:12:55 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ----Original Message---- From: HTRegz [mailto:htregz () aoaddicts net] Sent: Wednesday, 25 January, 2006 03:21 To: hfebelingjr () lycos com; security-basics () securityfocus com Subject: RE: readnotify.com : Hey Hey, : : ReadNotify (for standard emails) using 1x1 tracking to follow your : message... it inserts a 1 pixel by 1 pixel image into the HTML of the : email (If you're using Outlook for example, right click and go to View : Source), you'll see the location to that image. When this image is : accessed, the email is considered read. (so for example : hfebelingjr () lycos com readnotify com) would ask you to send a read receipt : and you would say no... but then if your mail viewer retrieved images by : default, the user would still receive a read receipt. : : There is also the option of sending an email to : hfebelingjr () lycos com silent readnotify com in this case when you open it, : you will not be asked to send a read receipt but if you tell it to : download images... it will notify the user that it has been read... : : Best way to disable/prevent it... don't download images on your emails... : You can check your message headers (if it's not silent... and you do get a : read receipt request and you'll see X-Read-Notification: Courtesy of : ReadNotify.com - http://www.<garbage>.readnotify.com) With the silent one, : you have to look at the source... The following code is added to the : email. : : ----SNIP---- : <div alt="v2beqz3u2r6vj1."><pre> </pre><pre> : <br><Img moz-do-not-send="true" border=0 height=1 width=3 alt="0" : lowsrc="" : Src=http://www.<garbage>.ReadNotify.com/nocache/<garbage>/footer0.gif><Img : moz-do-not-send="true" Border=0 Height=1 Width=2 Alt="" : Lowsrc=http://www.readnotify.com/ca/rspr47.gif ><BgSound volume=-10000 : Alt='' Lowsrc="" : Src=https://tssls.<garbage>.ReadNotify.com/nocache/<garbage>/rspr47.wav> : </pre><table height=1 width=3 border=0><tr><td background : =http://0320.185.62311/nocache/v2beqz3u2r6vjP/rspr47.gif> : </td></tr></table> : ----END SNIP---- : : So basically preventing images from downloading... I apologize for the : rambling in there... it's late... Hopefully you understood all of this. : : Peace, : HT : : : -----Original Message----- : From: Ebeling, Jr., Herman Frederick [mailto:hfebelingjr () lycos com] : Sent: Monday, January 23, 2006 7:46 PM : To: security-basics () securityfocus com : Subject: readnotify.com : : -----BEGIN PGP SIGNED MESSAGE----- : Hash: SHA1 : : Does anyone know anything about a web site called : (http://www.readnotify.com/)? If so does anyone know of anyway to : prevent it from sending it's return receipts to the sender? : : Herman : Live Long and Prosper : ___________________ _-_ : \==============_=_/ ____.---'---`---.____ : \_ \ \----._________.----/ : \ \ / / `-_-' : __,--`.`-'..'-_ : /____ ||- : `--.____,-' : : -----BEGIN PGP SIGNATURE----- : Version: PGP 8.0.3 : : iQA/AwUBQ9Vl5B/i52nbE9vTEQI9XgCg3Nhg6Fvo0Eb8SNifD9BPzKSM4csAnivR : LPCQGjXz9OhMxTZBZHXwZBQM : =IEYv : -----END PGP SIGNATURE----- HT, No problem about the rambling, I am interested in learning all that I can about computers and right now about (www.readnotify.com) and how to defeat it. Does readnotify appear in the headers in any form if an E-Mail is sent "silent?" As I said (I think) in my reply to Jim, I presume that IF one saves an E-Mail as a text document without opening it, that one can then read it's content WITHOUT "tripping" the embedded image? I've already scanned the headers and saw the readnotify.com reference in 'em. Which I guess it's a good thing that I know how to read headers, which is how I found out about readnotify. Herman Live Long and Prosper ___________________ _-_ \==============_=_/ ____.---'---`---.____ \_ \ \----._________.----/ \ \ / / `-_-' __,--`.`-'..'-_ /____ ||- `--.____,-' -----BEGIN PGP SIGNATURE----- Version: PGP 8.0.3 iQA/AwUBQ9e98B/i52nbE9vTEQK8VwCg+dEgNkBO8ZENUU/mFV6pcpGDWQQAoPm8 iO4BJQz3KV+2PtF3JbaE4QDR =UL1M -----END PGP SIGNATURE----- --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Re: readnotify.com, (continued)
- Re: readnotify.com Larry Offley (Jan 26)
- RE: readnotify.com Ebeling, Jr., Herman Frederick (Jan 25)
- RE: readnotify.com evb (Jan 25)
- RE: readnotify.com evb (Jan 27)
- Re: readnotify.com Larry Offley (Jan 26)
- Re: readnotify.com Jim Halfpenny (Jan 26)
- RE: readnotify.com Ebeling, Jr., Herman Frederick (Jan 26)
- Re: readnotify.com Saqib Ali (Jan 27)
- RE: www.readnotify.com Ebeling, Jr., Herman Frederick (Jan 27)
- Re: readnotify.com Ansgar -59cobalt- Wiechers (Jan 27)
- RE: readnotify.com Ebeling, Jr., Herman Frederick (Jan 26)
- Re: vnc server Scott C. Best (Jan 26)