Does disabling "Always display external images" in Gmail remove the risk of spam senders?



  • When a mail is opened that includes special images, fonts or media, it is loaded from the server of the sender. This is bad because spammers can detect active mail accounts that will get more spam. But when I disable "Always display external images" in Gmail, is that enough to remove that risk?

    I do not know if there are other things included in an email that might "call home" when the email is opened.



  • The short answer is yes.

    I highly recommend disabling the loading of remote resources for at least mail from unknown senders. (I personally disable them for all senders.) Web beacons require loading remote resources (usually images) to trigger, so disabling them in your email client should prevent the engagement metric from noting the fact that you've read the email.

    However, not all email clients are exhaustive in how they limit beacons and new methods are found on occasion. One such example is using CSS with the url() function, which some email clients fail to recognize as a remote resource. Another is the BaseStriker concept, which makes remote resources look local.

    See also Is Gmail showing images by default a good idea for privacy?


Log in to reply
 

Suggested Topics

  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2