2015-12-03 20:48:53
Thursday, Dec 3, 2015 9:39 PM Robert A. Rosenberg wrote:
If the message is HTML, then putting a 1x1 web-bug image in the HTML will 
trigger the info UNLESS the user's MUA is set to NOT automatically retrieve 

That retrieving images is the default behavior of most MUAs, and that it is 
even possible to do without cryptographically validating the ID of the sender 
in _any_ MUA, is an example of what I am talking about when I say that UI 
design is vitally important to protecting users' privacy.

Obviously if you have an MUA that behaves so stupidly, then your privacy is 
forfeit. At present, that's most MUAs. This is something that I hope MUA 
implementors will wise up to, and we ought to be advising them to if we aren't 

There are some ways of fixing this without involving the MUA. E.g., if a user 
gets email with links to images, rewrite all of the links to point to a proxy 
that has a mapping between each rewritten link and the original; if the MUA 
fetches against that link, proxy it. This protects the end user's IP address 
without requiring that they install a new MUA, and should be the default 
behavior of every mail system (but I suspect isn't the default behavior of any, 
although I heard Google was contemplating doing something like this).

