Educause Security Discussion mailing list archives

Re: Gmail account owners?


From: Jesse Thompson <jesse.thompson () DOIT WISC EDU>
Date: Wed, 26 May 2010 11:40:27 -0500

On 05/19/2010 02:35 PM, Jason C. Belford wrote:
On Wed, 19 May 2010 13:49:11 EDT, "Behun, Michael" said:
Consider sending a note to the account, asking to stop the activity.
In the message put the note as an image on your webserver.

The preferred image is a 1x1 pixel transparent GIF - kind of tough to
spot unless you have *really* good eyes. ;)

In my experience, Gmail accounts do not show remote images by default. Getting the user to actually push the "Display Images Below" would be the only way that the image would be requested (and thus IP identified). Has anyone used this method and actually been successful?

A 1x1 pixel transparent GIF is also a pretty good way to tip off anti-spam scanners. You would be better off using your university logo.

This is a useful utility for ensuring that your email client (desktop or web, local or cloud) does not leak privacy information. I used it to identify a minor privacy leak with our web mail client, which our vendor has now patched.

https://secure.grepular.com/email_privacy_tester/

The utility performs what appears to be a comprehensive set of tests, including the recently publicized DNS pre-fetch issue:

https://secure.grepular.com/DNS_Prefetch_Exposure_on_Thunderbird_and_Webmail

Jesse Thompson
UW-Madison
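
Added example, not part of the original post or of the tester linked above: a small Python audit that lists the remote references in an HTML message body that a mail client could fetch, or resolve in DNS, when it displays the message. The sample message and its hostnames are constructed, and treating anchor links as DNS prefetch candidates is an assumption about what the prefetch issue covers.

```python
from email import message_from_string
from email.policy import default
from html.parser import HTMLParser
from urllib.parse import urlparse

# Attributes that can cause a request on display. Anchor hrefs are listed
# because a client that prefetches DNS may resolve the host with no click.
FETCH_ATTRS = {("img", "src"): "image", ("link", "href"): "link",
               ("iframe", "src"): "iframe", ("a", "href"): "dns-prefetch"}

class RemoteRefFinder(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings = []  # (kind, hostname, is_1x1_image)

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        for (t, a), kind in FETCH_ATTRS.items():
            url = attrs.get(a) if tag == t else None
            if url and urlparse(url).scheme in ("http", "https"):
                tiny = kind == "image" and attrs.get("width") == "1" and attrs.get("height") == "1"
                self.findings.append((kind, urlparse(url).hostname, tiny))

def remote_references(raw_message):
    msg = message_from_string(raw_message, policy=default)
    finder = RemoteRefFinder()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            finder.feed(part.get_content())
    return finder.findings

# Constructed sample message; all hostnames are placeholders.
SAMPLE = """\
From: sender@example.org
To: user@example.com
Subject: notice
Content-Type: text/html; charset="utf-8"

<html><body><p>Please stop.</p>
<img src="https://www.example.edu/logo.png" alt="logo">
<img src="http://track.example.net/p.gif" width="1" height="1">
<img src="cid:inline1">
<a href="http://links.example.net/x">policy</a>
</body></html>
"""

if __name__ == "__main__":
    for kind, host, tiny in remote_references(SAMPLE):
        print(f"{kind:13} {host}{'  (1x1)' if tiny else ''}")
```

The `cid:` image is skipped because it refers to an attachment inside the message and causes no network request.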
