Firewall Wizards mailing list archives
Re: msgtag read receipts
From: Chuck Swiger <chuck () codefab com>
Date: Tue, 14 Oct 2008 10:33:33 -0700
Hi, Ken-- On Oct 9, 2008, at 11:46 AM, Ken Fox wrote:
Has anyone got any rules for stopping MSGTAG.com from sending unauthorized read receipts - I have been looking all over the place since I received a message with one earlier today. Basically it embeds a picture in the messagethat confirms being read by virtue of being accessed.
That's a FAIL. Anyone who uses ClamAV's MailFollowURLs option (or equivalent in other antivirus software) is going to have embedded links followed by a robot, which indicates nothing about whether a human has seen the message. Anyway, the first thing you should do is use a mail client which does not download URLs in email messages until and unless you tell it to do so-- such as Mozilla's Thunderbird among others.
I tried blocking the parent IP in my perimeter firewall but the image still renders, and thewebsite will as well.
What's a "parent IP"?Probably the IP of the mailserver relaying the email is not the same thing as the hostname in the URL they embed in the email message; you need to block the latter and not the former. If you make a sample version of one of these messages available somewhere, it should be easy enough to identify the right thing to block.
Note that good network security practice would be to have a firewall which blocks most or all traffic to/from internal client machines, and requires them to go via a proxy like Squid or whatever in order to access the web. In which case, you'd make your changes to the proxy ruleset to block such traffic, which likely gives you finer-grained control than an IP-based firewall would.
Regards, -- -Chuck _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- msgtag read receipts Ken Fox (Oct 14)
- Re: msgtag read receipts Carson Gaspar (Oct 28)
- Re: msgtag read receipts Chuck Swiger (Oct 28)
- Re: msgtag read receipts Jim Seymour (Oct 28)