Outlook.com email - prevent loading of 3rd party images

Discussion in 'privacy technology' started by erim, Mar 2, 2013.

Thread Status:
Not open for further replies.
  1. erim

    erim Registered Member

    Joined:
    Aug 29, 2006
    Posts:
    43
    Email images, which are loaded from 3rd party servers, can be used for "tracking" anyone who opens an email message.
    That's why some providers/clients (Gmail, Yahoo, Gmx, Thunderbird...) give you an option to disable loading of 3rd party images.

    But does outlook.com have this option? I couldn't find a setting for it and searching didn't help either.

    If it doesn't, can you recommend some good free email providers (other than Gmail, Yahoo and Gmx) which do offer this option?
     
  2. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,856
    I believe you can use the "Block attachments, pictures and links for anyone not in my safe senders list" option in the "Filters and reporting" section of "Preventing junk mail".

    That being said, all images displayed in Outlook emails are proxied and scanned to prevent tracking/malware/etc.
     
  3. erim

    erim Registered Member

    Joined:
    Aug 29, 2006
    Posts:
    43
    Right. But that doesn't differentiate between "local" images and 3rd party ones.
    Local images are not a problem and I don't have any reason to block them. Same for links and attachments.
    Thanks anyway, though, it will still come handy.


    Are you sure? When I right click and check the image properties I see a 3rd party URL as the source.
     
  4. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,856
    Well I can't speak for you but for me they do yeah :p All Microsoft addresses, generally containing the word "imageproxy".
     
  5. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,089
    Blocking automatically fetched images (and other content not embedded in the email itself) can serve several purposes:

    1) It prevents spammers from knowing that their email was accepted by the server. Some servers "pretend" to accept email even to addresses that don't exist so as to not provide feedback to spammers and confirm which ones are valid accounts.

    2) It prevents a sender from knowing that the email has been viewed by the user and when it has been viewed.

    3) It prevents the sender from obtaining the user's IP Address when the user's computer retrieves the image from a logging server used by the sender.

    4) It interferes with attempts to create associates, like putting several image bugs in the email that would be retrieved from multiple sources along with the same unique identifier.

    Were Microsoft to prefetch the images you would lose some of that protection. Were Microsoft to proxy the requests from your browser you would still lose some of that protection. Ultimately, you don't want such images/content to ever be automatically retrieved (and you probably shouldn't manually retrieve it unless you've checked the URLs and assessed the consequences).

    You could explore this by sending test messages to your email address and checking to see if/when images are retrieved from a website you have access to. There might even be a site somewhere on the net that does this for you. It would be good to bake some cookies into the test so that, for example, if a proxy is being done you can see whether it strips incoming cookies and/or outgoing cookies.

    While you are testing things, you might also want to have a look at http://www.checktls.com/.
     
    Last edited: Mar 2, 2013
Loading...
Thread Status:
Not open for further replies.