What's the latest on emails that spy?

Stephen Tashi

Science Advisor
6,673
1,055
Summary
I've read that features can be built into emails that report back to the sender what he person who received the email does with it. What's the latest news on that technology?
Several years ago, I read that features can be built into emails that report back to the sender what the person who received the email does with it - at least report whether the email was opened and when this happened. It involved including a tiny picture in the email that would be opened when the email was read. That would somehow report information back to the sender. There were programs (mainly oriented to MS Windows) that advertised giving the email sender this power. Is that technology real? What are the latest developments in it?
 
Last edited:

phinds

Science Advisor
Insights Author
Gold Member
15,270
4,955
Don't know about the latest but for many years Outlook (the desktop application at least) has had an option to ask an email to report back when it is opened, BUT ... it also provides the recipient (at least Outlook recipients) with the option as to whether or not to actually execute that action.

EDIT: and by the way, I have no idea whether or not that action is even meaningful if the email is received by an email system other than Outlook desktop.
 
Last edited:
10,810
4,349
The MailCHimp bulk email distribution service can tell you if someone has looked at an email you sent, whether they decided to unsubscribe from your list and whether they looked at it a second time...

Usually this is done with a tracking pixel scheme where the pixel when accessed is associated with a single subscriber so that each time you view a web page that tracking pixel jpg gets requested from the service and the service then knows the user is looking at the email again.


I'm sure there are other ways using javascript but I think the single pixel approach works even if javascript it off. It will only fail with html is disabled in your email client which isn't uncommon as viewing your email as is is preferable to clicking on a malware link.
 

Wrichik Basu

Insights Author
Gold Member
2018 Award
1,103
960
Several years ago, I read that features can be built into emails that report back to the sender what the person who received the email does with it - at least report whether the email was opened and when this happened.
Boomerang for Gmail has this feature. It will append a small link at the end of the mail, and tell the receiver of the email that it is tracking the mail. The receiver has the option to stop the tracking I guess. Personally, I haven't used this feature yet (a message stating "This email is being tracked" will not be very good-looking in official mails).
 
10,810
4,349
Yeah, it would be better to say this email is NOT being tracked, wink wink!
 
1,091
193
I'm sure there are other ways using javascript but I think the single pixel approach works even if javascript it off. It will only fail with html is disabled in your email client which isn't uncommon as viewing your email as is is preferable to clicking on a malware link.
I am not aware of any email client that sends javascript contained in emails - this would be an unacceptable security risk. Simply displaying HTML does not send the tracking code as most email clients will not download images unless you ask them to and so the sender initially has no way of knowing if you have read the email, but as soon as you choose to display images they receive the code.

Don't know about the latest but for many years Outlook (the desktop application at least) has had an option to ask an email to report back when it is opened, BUT ... it also provides the recipient (at least Outlook recipients) with the option as to whether or not to actually execute that action.

EDIT: and by the way, I have no idea whether or not that action is even meaningful if the email is received by an email system other than Outlook desktop.
Outlook, or rather the Microsoft Exchange email server, uses its own protocol for message delivery which supports read notifications, but when it sends emails outside the organisation it has to use the universal SMTP protocol which does not.
 
17,506
7,071
Summary: I've read that features can be built into emails that report back to the sender what he person who received the email does with it. What's the latest news on that technology?

Several years ago, I read that features can be built into emails that report back to the sender what the person who received the email does with it - at least report whether the email was opened and when this happened.
This is very widespread and common email marketing technology. Nearly any promotional or subscribed email will have this monitoring. It is not usually offered by email services but by marketing platforms. Open rates are just used to determine the success of an email campaign.
 

anorlunda

Mentor
Insights Author
Gold Member
7,302
4,078
Every client is different, but disabling the remote images will eliminate most tracking.
Thanks. Gmail does allow you to disable images, or to ask each time. They also said the following. The way they word it, they do not necessarily think tracking is harmful.

https://support.google.com/mail/answer/145919?co=GENIE.Platform%3DDesktop&hl=en said:
How Gmail helps make images safe
Google scans images for signs of suspicious content before you receive them.

These scans make images safer because:

  • Senders can’t use image loading to get information about your computer or location.
  • Senders can’t use the image to set or read cookies in your browser.
  • Gmail checks the images for known harmful software.
Sometimes, senders may know whether you've opened an email that has an image. Gmail scans every message for suspicious content. If Gmail thinks a sender or message is suspicious, images aren’t shown and you’ll be asked if you want to see the images.
 
17,506
7,071
The way they word it, they do not necessarily think tracking is harmful.
Note, Google is one of the biggest trackers in the world, but that being said, I don't think it's a concern either. Do you really care if a promotional email knows you opened it or not? In some ways it's helpful, but it gives them indication whether you thought the title was interesting enough to open, which just leads to more interesting titles.

BTW, this is no different on forums. aka, a good interesting title = higher open rates = more viewers = more replies = more fun!
 

DaveC426913

Gold Member
18,184
1,796
Note, Google is one of the biggest trackers in the world, but that being said, I don't think it's a concern either. Do you really care if a promotional email knows you opened it or not?
It also tells them they've reached a valid, active email address and recipient.
It's analogous to a robocall on your phone that detects when the phone has been answered, so that your number can be subsequently targeted for spam calls.


...whether you thought the title was interesting enough to open, which just leads to more interesting titles.
It leads to more spam. They've identified that you - of the countless hundreds of thousands of silent, apathetic users - are a conduit for possible sales.


BTW, this is no different on forums. aka, a good interesting title = higher open rates = more viewers = more replies = more fun!
Nice try. 😕 Users come to fora looking for content (pull); fora don't push unsolicited content to a user's private space.
 

phinds

Science Advisor
Insights Author
Gold Member
15,270
4,955
It also tells them they've reached a valid, active email address and recipient.
It's analogous to a robocall on your phone that detects when the phone has been answered, so that your number can be subsequently targeted for spam calls.

It leads to more spam. They've identified that you - of the countless hundreds of thousands of silent, apathetic users - are a conduit for possible sales.
what he said (very small).jpg
 

Wrichik Basu

Insights Author
Gold Member
2018 Award
1,103
960
Tell me something: is it actually safe to enable this tracking for personal use? I mean, aren't these people actually reading what you are sending?
 
17,506
7,071
It also tells them they've reached a valid, active email address and recipient.
You don't need open rate tracking for this. The server will send a bounce response to the sender if the email address is not valid.

It leads to more spam. They've identified that you - of the countless hundreds of thousands of silent, apathetic users - are a conduit for possible sales.
First of all, why are you opening spam emails? Secondly, this tracking tech is commonly used in emails that you sign up for. So, don't confuse open rate tracking with spam. Legitimate emails use it too. Maybe even more so because at bulk levels it's not free. It's part of marketing platforms you pay for.

Nice try. 😕 Users come to fora looking for content (pull); fora don't push unsolicited content to a user's private space.
See above.
 
17,506
7,071
Tell me something: is it actually safe to enable this tracking for personal use? I mean, aren't these people actually reading what you are sending?
There is nothing unsafe about email open rate tracking.

1. Don't open spam
2. Unsubscribe from campaigns you don't want anymore
3. Personal use is very rare
4. Sleep well at night and worry about more important things
 

Wrichik Basu

Insights Author
Gold Member
2018 Award
1,103
960
There is nothing unsafe about email tracking.

1. Don't open spam
2. Unsubscribe from campaigns you don't want anymore
3. Personal use is very rare
4. Sleep well at night and worry about more important things
I am not talking about spam. I am talking about the emails that I am sending to others.
 
17,506
7,071
I am not talking about spam. I am talking about the emails that I am sending to others.
What's the difference? I don't understand the concern over whether or not someone knows you opened an email or not. The vast majority of personal email users don't track open rates and there is no issue even if they are.
 

Wrichik Basu

Insights Author
Gold Member
2018 Award
1,103
960
What's the difference? I don't understand the concern over whether or not someone knows you opened an email or not. The vast majority of personal email users don't track open rates and there is no issue even if they are.
Actually, it doesn't matter to me if the sender wants to know if I opened the email or not. My concern is this: say I enable the email tracking for my account, which means every mail I send, is tracked. Does this imply that the tracking agency is reading the contents of the email (i.e. the body, in addition to recipient information)? If they do so, they can use the information in some illegal way if they want, right?
 
17,506
7,071
Does this imply that the tracking agency is reading the contents of the email (i.e. the body, in addition to recipient information)? If they do so, they can use the information in some illegal way if they want, right?
Nope, all that happens is when your email client requests the tracking image, that request is logged as "email opened". That is it.
 

Stephen Tashi

Science Advisor
6,673
1,055
Simply displaying HTML does not send the tracking code as most email clients will not download images unless you ask them to
On Thunderbird, I get the notification "Thunderbird had blocked the remote content ...", but I wonder how many people set up their email clients this way - especially if they read email on their smart phones.

Instead of using an email client program like Thunderbird, many people use the web interface offered by the email provider. So when we say that gmail does something, are we saying that gmail does it for people who use the gmail web interface?

An interesting article: https://en.wikipedia.org/wiki/Web_beacon
 

Stephen Tashi

Science Advisor
6,673
1,055
First of all, why are you opening spam emails?
In Thunderbird, when I go to delete an email and click on its title, its content is automatically displayed.

If I pick a batch of emails to delete by clicking on the first one and the last one, their contents are displayed, but not the contents of the ones in between.
 

phinds

Science Advisor
Insights Author
Gold Member
15,270
4,955
In Thunderbird, when I go to delete an email and click on its title, its content is automatically displayed.

If I pick a batch of emails to delete by clicking on the first one and the last one, their contents are displayed, but not the contents of the ones in between.
You need to get a new mail system.
 

anorlunda

Mentor
Insights Author
Gold Member
7,302
4,078
My concern is this: say I enable the email tracking for my account, which means every mail I send, is tracked. Does this imply that the tracking agency is reading the contents of the email (i.e. the body, in addition to recipient information)?
You have to be more specific about who you are asking about. If you send a email to a third party, now you are asking about the the third party's provider reading your content you. There are too many parties involved for a general answer.

If you use gmail, yes Google reads everything you send or receive. But gmail also offers the benefit of a very effective spam filter. Spam reaches my inbox less than once per month. That spam filter eliminates 95% of the email risks up front. I know other PF regulars managing their own company email, who spend many hours every week combating spam. I don't have to do that because I use gmail.

We can all decide to sell our privacy. Give up some privacy in return for some benefit. Maximum online privacy is achieved by never going online. But the annoying part is the lack of transparency. The invasions of my privacy that I'm not aware of and that I do not explicitly agree to.
 

Klystron

Gold Member
469
504
While sitting around the radar control room for a mega-city airport, I advised my coworkers to assume conversations were monitored, that privacy as we knew it was a relic of the past.

The next morning the TRA-CON supervisor half-jokingly repeated our conversation and agreed with my premise. This was in 1973 roughly ten years before I would install sendmail / SMTP on a computer.

As a software engineer I tried to respect privacy by not opening the DATA part of mail packets but by design UNIX mail programs copied messages, more like a fax than snail-mail. Sender and receiver servers stored copies of traffic with numerous timestamps. Lifetime for server copies defaulted to 10 minutes in theory. With on-the-fly server backups a copy exists somewhere. If not data, at least the handshakes and transmission times of each packet.
 

Want to reply to this thread?

"What's the latest on emails that spy?" You must log in or register to reply here.

Related Threads for: What's the latest on emails that spy?

Replies
1
Views
5K
  • Posted
2
Replies
26
Views
4K
Replies
3
Views
765
  • Posted
Replies
2
Views
3K
  • Posted
Replies
1
Views
3K
  • Posted
Replies
4
Views
2K
  • Posted
Replies
1
Views
1K
  • Posted
2
Replies
29
Views
5K

Physics Forums Values

We Value Quality
• Topics based on mainstream science
• Proper English grammar and spelling
We Value Civility
• Positive and compassionate attitudes
• Patience while debating
We Value Productivity
• Disciplined to remain on-topic
• Recognition of own weaknesses
• Solo and co-op problem solving
Top