Webbugs are NOT return receipts!!
Everybody should *at least* have return-receipts set to 'prompt'.
That is a no-brainer.
Web bugs are totally different, and can divulg a lot more information -
especially when tallied with cross-host information.

Dom
-----Original Message-----
From: Peter Pekala [mailto:peterpnetnitco.net]
Sent: 27 August 2001 17:11
To: abuse; Focus-MS
Cc: VULN-DEVSECURITYFOCUS. COM; BUGTRAQSECURITYFOCUS. COM;
win2ksecadvicelistserv.ntsecurity.net
Subject: Re: Email webbugs

In Outlook Express - Have you tried configuring this through Tools -
Options - Receipts - Returning Read Receipts ?

- Peter

: One of the things that has always bothered me about Outlook Express and
: Outlook is that they are susceptable to webbugs. Basically there are no
: options to block confirmation of your reading an email so any spammer can
: verify that your address is active as long as they can get you to just
view
: an email.
:
: A lot of people have difficulty understanding exactly what this means so I
: set up a demonstration page at http://www.nthelp.com/OEtest/oe.htm in an
: attempt to raise awareness of this nonsense and get MS to do something
about
: it. I don't know if other email programs like Eudora and Netscape are
: vulnerable to email webbugs so if anyone tests those please let me know
the
: results.
:
: Anyway, I've made the test site available to the public now so if you want
: to check your email reader, feel free.
:
: Geo.
:

_____________________________________________________________________
** TO UNSUBSCRIBE, send the command "UNSUBSCRIBE win2ksecadvice"
** FOR A WEEKLY DIGEST, send the command "SET win2ksecadvice DIGEST"
SEND ALL COMMANDS TO: listservlistserv.ntsecurity.net

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]