RE: Email webbugs

["Dom De Vitto" <Dom () DeVitto com>]

Webbugs are NOT return receipts!!
Everybody should *at least* have return-receipts set to 'prompt'.
That is a no-brainer.
Web bugs are totally different, and can divulg a lot more information -
especially when tallied with cross-host information.

Dom
-----Original Message-----
From: Peter Pekala [mailto:peterp () netnitco net]
Sent: 27 August 2001 17:11
To: abuse; Focus-MS
Cc: VULN-DEV@SECURITYFOCUS. COM; BUGTRAQ@SECURITYFOCUS. COM;
win2ksecadvice () listserv ntsecurity net
Subject: Re: Email webbugs


In Outlook Express - Have you tried configuring this through Tools -
Options - Receipts - Returning Read Receipts ?

- Peter


: One of the things that has always bothered me about Outlook Express and
: Outlook is that they are susceptable to webbugs. Basically there are no
: options to block confirmation of your reading an email so any spammer can
: verify that your address is active as long as they can get you to just
view
: an email.
:
: A lot of people have difficulty understanding exactly what this means so I
: set up a demonstration page at http://www.nthelp.com/OEtest/oe.htm in an
: attempt to raise awareness of this nonsense and get MS to do something
about
: it. I don't know if other email programs like Eudora and Netscape are
: vulnerable to email webbugs so if anyone tests those please let me know
the
: results.
:
: Anyway, I've made the test site available to the public now so if you want
: to check your email reader, feel free.
:
: Geo.
: