Security Basics mailing list archives

Re: READ RECIEPTS automatically generated

From: jlewis1957 () netscape net (Jeff Lewis)
Date: Wed, 28 Jan 2004 18:33:12 -0500

<draconis () camalott com> wrote:

This is an excellent utility for read receipts:

http://www.grinningshark.com/

Found it, installed it and I am evaluating it as we speak. Especially like the tool it has where it automatically
detaches and quarantines all files based on extension.

I now have a column in Outlook displaying read receipts as a checkbox. You have to hunt a little in the All Mail Fields
of Customizing the Current View to enable it.

As a result, all of the messages that I suspected of having something hidden for a generating the read receipt request,
don't have anything hidden. At least not according to Outlook. The check boxes all show that one was legitimately
requested.

Since I have this option absolutely turned off, why did Outlook send them anyway?

I even pasted all the URLs from one of the messages into Sam Spade's URL Browser to see if there was any code there.
Didn't find anything, but I wasn't going to go through multiple redirects either. Doesn't mean that something isn't
there, just that I didn't dig that deep. Especially since the Outlook read receipt request is obviously there. I also
wanted to be certain that I wasn't validating my email address by accessing the URL. That tactic became quite obvious
through what the redirects were displaying.

OK. I'm stumped. Where to next?

__________________________________________________________________
New! Unlimited Netscape Internet Service.
Only $9.95 a month -- Sign up today at http://isp.netscape.com/register
Act now to get a personalized email address!

Netscape. Just the Net You Need.

---------------------------------------------------------------------------
Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any
course! All of our class sizes are guaranteed to be 10 students or less.
We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention,
and many other technical hands on courses.
Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off
any course!
----------------------------------------------------------------------------

Current thread:

READ RECIEPTS automatically generated Jeff Lewis (Jan 27)
- RE: READ RECIEPTS automatically generated Muhammad Naseer (Jan 28)
- <Possible follow-ups>
- RE: READ RECIEPTS automatically generated Jeff Lewis (Jan 28)
  - Re: READ RECIEPTS automatically generated Meritt James (Jan 28)
- RE: READ RECIEPTS automatically generated Gene LeDuc (Jan 28)
  - Re: READ RECIEPTS automatically generated Meritt James (Jan 29)
- Re: READ RECIEPTS automatically generated draconis (Jan 28)
- Re: READ RECIEPTS automatically generated Jeff Lewis (Jan 29)