Security Basics mailing list archives
RE: readnotify.com
From: "HTRegz" <htregz () aoaddicts net>
Date: Wed, 25 Jan 2006 03:21:25 -0500
Hey Hey, ReadNotify (for standard emails) using 1x1 tracking to follow your message... it inserts a 1 pixel by 1 pixel image into the HTML of the email (If you're using Outlook for example, right click and go to View Source), you'll see the location to that image. When this image is accessed, the email is considered read. (so for example hfebelingjr () lycos com readnotify com) would ask you to send a read receipt and you would say no... but then if your mail viewer retrieved images by default, the user would still receive a read receipt. There is also the option of sending an email to hfebelingjr () lycos com silent readnotify com in this case when you open it, you will not be asked to send a read receipt but if you tell it to download images... it will notify the user that it has been read... Best way to disable/prevent it... don't download images on your emails... You can check your message headers (if it's not silent... and you do get a read receipt request and you'll see X-Read-Notification: Courtesy of ReadNotify.com - http://www.<garbage>.readnotify.com) With the silent one, you have to look at the source... The following code is added to the email. ----SNIP---- <div alt="v2beqz3u2r6vj1."><pre> </pre><pre> <br><Img moz-do-not-send="true" border=0 height=1 width=3 alt="0" lowsrc="" Src=http://www.<garbage>.ReadNotify.com/nocache/<garbage>/footer0.gif><Img moz-do-not-send="true" Border=0 Height=1 Width=2 Alt="" Lowsrc=http://www.readnotify.com/ca/rspr47.gif ><BgSound volume=-10000 Alt='' Lowsrc="" Src=https://tssls.<garbage>.ReadNotify.com/nocache/<garbage>/rspr47.wav> </pre><table height=1 width=3 border=0><tr><td background =http://0320.185.62311/nocache/v2beqz3u2r6vjP/rspr47.gif> </td></tr></table> ----END SNIP---- So basically preventing images from downloading... I apologize for the rambling in there... it's late... Hopefully you understood all of this. Peace, HT -----Original Message----- From: Ebeling, Jr., Herman Frederick [mailto:hfebelingjr () lycos com] Sent: Monday, January 23, 2006 7:46 PM To: security-basics () securityfocus com Subject: readnotify.com -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Does anyone know anything about a web site called (http://www.readnotify.com/)? If so does anyone know of anyway to prevent it from sending it's return receipts to the sender? Herman Live Long and Prosper ___________________ _-_ \==============_=_/ ____.---'---`---.____ \_ \ \----._________.----/ \ \ / / `-_-' __,--`.`-'..'-_ /____ ||- `--.____,-' -----BEGIN PGP SIGNATURE----- Version: PGP 8.0.3 iQA/AwUBQ9Vl5B/i52nbE9vTEQI9XgCg3Nhg6Fvo0Eb8SNifD9BPzKSM4csAnivR LPCQGjXz9OhMxTZBZHXwZBQM =IEYv -----END PGP SIGNATURE----- --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus --------------------------------------------------------------------------- -- No virus found in this incoming message. Checked by AVG Free Edition. Version: 7.1.375 / Virus Database: 267.14.22/238 - Release Date: 1/23/2006 -- No virus found in this outgoing message. Checked by AVG Free Edition. Version: 7.1.375 / Virus Database: 267.14.22/238 - Release Date: 1/23/2006 --------------------------------------------------------------------------- EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The Norwich University program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Tailor your education to your own professional goals with degree customizations including Emergency Management, Business Continuity Planning, Computer Emergency Response Teams, and Digital Investigations. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- RE: www.readnotify.com, (continued)
- RE: www.readnotify.com Ebeling, Jr., Herman Frederick (Jan 27)
- Re: readnotify.com Larry Offley (Jan 26)
- RE: readnotify.com Ebeling, Jr., Herman Frederick (Jan 25)
- RE: readnotify.com evb (Jan 25)
- RE: readnotify.com evb (Jan 27)
- Re: readnotify.com Jim Halfpenny (Jan 26)
- RE: readnotify.com Ebeling, Jr., Herman Frederick (Jan 26)
- Re: readnotify.com Saqib Ali (Jan 27)
- RE: www.readnotify.com Ebeling, Jr., Herman Frederick (Jan 27)
- Re: readnotify.com Ansgar -59cobalt- Wiechers (Jan 27)
- RE: readnotify.com Ebeling, Jr., Herman Frederick (Jan 26)
- Re: vnc server Scott C. Best (Jan 26)