HTML spam often includes 1x1pixel images with "confirmation codes" in them - this shows which e-mail addresses actually received and opened the
messages, thus showing which addresses are valid. That's a rather blatant security hole in HTML e-mail. One that's been closed by the "do not
automatically load images" option in most but not all modern e-mail clients (yes, Apple, I'm glaring at you), true, but a heck of a lot of people
still run legacy e-mail clients because they came with the computers...
--
Rob Kelk
"Governments have no right to question the loyalty of those who oppose
them. Adversaries remain citizens of the same state, common subjects of
the same sovereign, servants of the same law."
- Michael Ignatieff, addressing Stanford University in 2012
messages, thus showing which addresses are valid. That's a rather blatant security hole in HTML e-mail. One that's been closed by the "do not
automatically load images" option in most but not all modern e-mail clients (yes, Apple, I'm glaring at you), true, but a heck of a lot of people
still run legacy e-mail clients because they came with the computers...
--
Rob Kelk
"Governments have no right to question the loyalty of those who oppose
them. Adversaries remain citizens of the same state, common subjects of
the same sovereign, servants of the same law."
- Michael Ignatieff, addressing Stanford University in 2012