spam, mail clients and javascript

on 24.12.2006 12:45:43 by Danny Boy

Hi all, and a merry Christmas.

Someone I know claimed that spammers send html mails so that when you
download the images that are included, their server stats can verify that
the mail address is valid.

I told him that it's not so at all, but that the mail client simply fetches
the images from the http server, not from any mail server, and that the mail
address cannot be seen at all. In best cases, the spammers might see the IP
address which is pretty useless to them.

He then adjusted ("clarified") his opinion somewhat, and said that the
spammers are using some javascript to fetch the images from the server, and
that the javascript creates some records about the mail address at the
spammer's server.

I don't know much about this, and the guy is some IT technician. But this
sounds very odd to me. In fact, I didn't know that mail clients are
supporting javascript at all, and if they do, I suppose it's just the
basics.

I also checked the source of 10-12 html spam mails just now and none of them
had any javascript at all.

Maybe I'm entirely wrong, which isn't the first time. But it sounds to me
that this person is either making this up himself, or that he's the victim
of a prank.

Can someone here shed some light on this? Or suggest somewhere where I
can find info?

Then, I will try to get a life and not post stupid questions like
this on a Christmas Eve.... :-)

Cheers,
Danny

Re: spam, mail clients and javascript

on 24.12.2006 18:40:19 by Jem Berkes

Danny Boy wrote in news:4v77j7F1avgttU2@mid.individual.net:

> Someone I know claimed that spammers send html mails so that when you
> download the images that are included, their server stats can verify
> that the mail address is valid

I think he's simply referring to the "web bug" idea
http://www.eff.org/Privacy/Marketing/web_bug.html

Searching some of my spam samples, I don't see any instances of
javascript being used to load images but I'm sure it's possible to do.
The general idea is, the spammers want something that can be
automatically loaded when the image is viewed to help confirm an address
is active and read.

Addresses which have eyeballs actively reading them are worth a lot more
(for marketing) than dead addresses. Spammers gave up on abandoning dead
addresses long ago, so they still spam every address but spam the live
addresses a little bit more.

May your holidays be relaxing and marketing-free!

Jem

Re: spam, mail clients and javascript

on 26.12.2006 13:47:43 by feenberg

Jem Berkes wrote:
> Danny Boy wrote in news:4v77j7F1avgttU2@mid.individual.net:
>
> > Someone I know claimed that spammers send html mails so that when you
> > download the images that are included, their server stats can verify
> > that the mail address is valid
>
> I think he's simply referring to the "web bug" idea
> http://www.eff.org/Privacy/Marketing/web_bug.html

Just to be completely explicit, in order to do what your friend suggested
the spammer would have to encode your email address in the URL of the
web bug.

I think that while it is possible that some spammers attempt to determine
the validity of email addresses, there is no hard evidence that they do
so. As far as I know, operators of spam traps never mention having to
load images to continue getting spam. If you are looking for a research
project, this one would be fairly easy to investigate.

Daniel Feenberg

Re: spam, mail clients and javascript

on 26.12.2006 22:29:54 by DFS

feenberg@gmail.com wrote:

> Just to be completely explicit, in order to do what your friend suggested
> the spammer would have to encode your email address in the URL of the
> web bug.

In fact, there's a "service" that lets anyone do this:

http://www.didtheyreadit.com/

Naturally, I have blocked all e-mail from this "service's" MTAs.
(However, I also drop HTML parts if there's a text/plain part in
the message, and my mail client won't load images anyway, so their "service"
won't work against me anyway.)

Regards,

David.
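
Added example, not part of the original thread: a receiving-side check for the web bug discussed above. It lists the remote images in a message's HTML part, flags any whose URL contains the recipient's address (plain, hex, base64 or hashed), and reports whether a text/plain part exists so the HTML part could be dropped. The addresses, hostnames, function names and the set of encodings checked are assumptions made for illustration.

```python
import base64, hashlib
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import unquote

class ImgSrc(HTMLParser):
    """Collect remote (http/https) <img src> URLs from an HTML part."""
    def __init__(self):
        super().__init__()
        self.urls = []
    def handle_starttag(self, tag, attrs):
        src = dict(attrs).get("src") or ""
        if tag == "img" and src.lower().startswith(("http://", "https://")):
            self.urls.append(src)

def address_tokens(addr):
    """Encodings of the address to look for in URLs (assumed set, not exhaustive)."""
    a = addr.lower().encode()
    b64 = {base64.b64encode(a), base64.urlsafe_b64encode(a)}
    plain = {addr.lower(), a.hex(), hashlib.md5(a).hexdigest(), hashlib.sha256(a).hexdigest()}
    return plain | {b.decode().rstrip("=").lower() for b in b64}

def audit(raw, recipient):
    """Report whether a text/plain part exists and which remote images name the recipient."""
    tokens, has_plain, images = address_tokens(recipient), False, []
    for part in message_from_string(raw).walk():
        if part.get_content_type() == "text/plain":
            has_plain = True
        elif part.get_content_type() == "text/html":
            charset = part.get_content_charset() or "utf-8"
            parser = ImgSrc()
            parser.feed(part.get_payload(decode=True).decode(charset, "replace"))
            for url in parser.urls:
                seen = unquote(url).lower()  # compare case-insensitively after URL-decoding
                images.append((url, any(t in seen for t in tokens)))
    return {"has_plain": has_plain, "remote_images": images}

# Constructed sample: one ordinary image and one 1x1 image whose URL carries base64(recipient).
RCPT = "danny@example.org"
TOKEN = base64.urlsafe_b64encode(RCPT.encode()).decode()
SAMPLE = (
    "From: sender@example.net\nTo: danny@example.org\nSubject: hello\n"
    'MIME-Version: 1.0\nContent-Type: multipart/alternative; boundary="b1"\n\n'
    "--b1\nContent-Type: text/plain; charset=utf-8\n\nhello\n"
    "--b1\nContent-Type: text/html; charset=utf-8\n\n"
    '<p>hello</p><img src="http://static.example/logo.png">'
    f'<img src="http://tracker.example/o.gif?u={TOKEN}" width=1 height=1>\n'
    "--b1--\n"
)
print(audit(SAMPLE, RCPT))
```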