> My partner found a deal that by sending an email to
> [EMAIL PROTECTED] ( appending a .confirm.to) he gets sent
> an email as soon as the email is opened. How does this work? Or more
This has been around for a while, but I haven't seen it
so automated before. It's called a "webbug"
.to is the domain suffix for tonga. What happens is this:
1) You send an email to [EMAIL PROTECTED]
2) The email gets sent to the .confirm.to domain
3) The mailserver there wraps the mail with some html,
and then forwards it on to [EMAIL PROTECTED]
4) The html contains a reference to a server in Tonga.
e.g.a bogus embedded image: When mr foo reads the mail,
an HTTP request gets sent to the server, so it knows
he read it. Then tonga server then mails you to let
you know.
I did a test, and here's a sample of what is adds to the email:
http://164.124.123.208/read/984069686-c5d4e4c8b8bcb7dc.f203f7e722a2b3de/vneg
[EMAIL PROTECTED]
Consequently, to protect yourself against this you should
disable HTML mail, or (as you say) block the domain.
--
Vince Negri ([EMAIL PROTECTED])
Application Solutions Ltd. Tel:+44(0)1273-476608 Fax:+44(0)1273-478888
Legal Disclaimer: Any views expressed by the sender of this message are
not necessarily those of Application Solutions Ltd. Information in this
e-mail may be confidential and is for the use of the intended recipient
only, no mistake in transmission is intended to waive or compromise such
privilege. Please advise the sender if you receive this e-mail by mistake.
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
