[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[no subject]

Geoffrey wrote:

> Dow Hurst wrote:
>> I'd like to hear the security experts chime in on this. I've 
>> encouraged users to disable images in Mail and Newsgroups in Mozilla, 
>> which is our default email app. However, what your doing prevents 
>> even Outlook users from getting whanged. I thought that images were 
>> able to contain embedded information or even javascripts now. Is this 
>> true? What are the current and coming threats from allowing embedded 
>> URLs? To me it seems that inherently it is a bad idea to allow this 
>> no matter how much people want to violate a practical security policy!
> You can certainly validate an email address by embedding a link to a 
> unique image in a message if the mail tool displays images.  Simply 
> create a 1x1 pixel white image and name it to be unique, as:
> esotericAT3times25.net.png
> And then send it to me.  If my browers opens the image, there'll be a 
> record of such in the web server that's serving the image.

Dow Hurst                  Office: 770-499-3428            *
Systems Support Specialist    Fax: 770-423-6744            *
1000 Chastain Rd. Bldg. 12                                 *
Chemistry Department SC428  Email:   dhurst at kennesaw.edu   *
Kennesaw State University         Dow.Hurst at mindspring.com *
Kennesaw, GA 30144                                         *
This message (including any attachments) contains          *
confidential information intended for a specific individual*
and purpose, and is protected by law.  If you are not the  *
intended recipient, you should delete this message and are *
hereby notified that any disclosure, copying, distribution *
of this message, or the taking of any action based on it,  *
is strictly prohibited.                                    *

<li><strong><a name="00093" href="msg00093.html">[ale] Spam and HTML email</a></strong>
<ul><li><em>From:</em> matthew.brown at cordata.com (Matthew Brown)</li></ul></li>
<li><strong><a name="00096" href="msg00096.html">[ale] Spam and HTML email</a></strong>
<ul><li><em>From:</em> dhurst at kennesaw.edu (Dow Hurst)</li></ul></li>
<li><strong><a name="00097" href="msg00097.html">[ale] Spam and HTML email</a></strong>
<ul><li><em>From:</em> esoteric at 3times25.net (Geoffrey)</li></ul></li>
<li>Prev by Date:
<strong><a href="msg00098.html">[ale] [OT] LaserJet 4 toner cartridge replacement</a></strong>
<li>Next by Date:
<strong><a href="msg00100.html">[ale] flat screen monitors on RH9</a></strong>
<li>Previous by thread:
<strong><a href="msg00097.html">[ale] Spam and HTML email</a></strong>
<li>Next by thread:
<strong><a href="msg00103.html">[ale] Spam and HTML email</a></strong>
<li><a href="maillist.html#00099"><strong>Date</strong></a></li>
<li><a href="threads.html#00099"><strong>Thread</strong></a></li>