<img src = “http://myserver.com/my_picture.jpg” />
It would directly show the image as if it was embedded inside the mail, though it came from outside.
Suppose I want a receipt for the mail written to my colleague Keane. How would I do it?
As you see, the “<IMG>” tag points to an image on my server. But what if I do not point the source to an image, but to some scripted dynamic page that takes the shortened subject of the mail as a parameter. Whenever the mail is opened, the page will get accessed.
We can script this page to perform some activities like sending a mail receipt to us. Since we do not want the image to expose the trick, we reduce its size to “ 1x1 pixels”
<IMG src="http://myserver.com/receipt.aspx?id=HelloKeane" height = "1px" width="1px" />
So we can brief that: Whenever the HTML email is displayed; the image source will be accessed. And whenever the image-source is accessed, we get a mail saying that the subjected mail has been read.
How to plant a “force-receipt” image?
I will explain a very raw method of doing this.
--> First create a “.html” page. Say “somereceipt.html”.
--> Open it with notepad and put the following line into it.
<IMG src="http://myserver.com/receipt.aspx?id=HelloKeane" height = "1px" width="1px" />
--> Save the file and close it.
--> Double-click and open the HTML file (in IE or other browser).
--> Press “Ctrl + A” (Select All) and then “Ctrl + C” (Copy).
Open your HTML email editor (Outlook or GMail…anything) and at the end of the mail press “Ctrl + V”. This will plant the receipt image into the mail. You can send that mail whenever you want.
The problem with the “raw” method is that you will yourself trigger the mail receipt while opening the HTML page and while pasting it in your email editor. You’ll just need to ignore these.
To see a sample online, please see: Test Sample
People who want to use it regularly can use the services from “DidTheyReadIt or ReadNotify”. These services make the procedure very simple.
Sending a read-receipt mail and details (Using ASP.NET 2.0)
Here comes the more technical part. I am writing a page in ASP.NET 2.0, but you can use any other platform.
As discussed above, we are a passing a query-string parameter to the page. Here, this query string contains the subject that we wrote in the email. You could have other parameter(s) as required.
As soon as the web page (that we scripted) receives these parameters, it sends us the mail that the subjected mail was read.
What all information can we get?
Since the browser/mail reader is indirectly accessing our page, we can get all the information that the browser can provide. For example: IP Address, Browser/Machine information. But there is much more that the browser can give away.
Get your browser spied at http://gemal.dk/browserspy/.
The pages in the above link give a lot of information about your browser and machine.
Here the attached sample code will send a mail receipt along with some easily accessible browser information. This sample creates a HTML mail, to show the information in a formatted manner.
To gather the information about the browser we can use the “Request.Browser.Capabilities” dictionary object available in .NET 2.0.
To get some other information the code uses the following:
- Request.UserHostAddress
- Request.UserHostName
- Request.AcceptTypes
- Request.UserLanguages
Details of these classes can be found at MSDN.
In the “Page_Load” event itself, we are creating the HTML mail to be sent to us. The “Request.Browser.Capabilities” object gives us a “System.Collections.IDictionary” type. We iterate through the “Key, value” pair in the dictionary and display the information, as shown below.
System.Collections.IDictionary oDictionary = Request.Browser.Capabilities;
foreach(System.Collections.DictionaryEntry oDictionaryEntry in oDictionary)
{
sHTML += <tr>";
sHTML += "<td>" + (oDictionaryEntry.Key == null ? "NULL" : oDictionaryEntry.Key.ToString()) + "</td>";
sHTML += "<td>" + (oDictionaryEntry.Value==null?"NULL":oDictionaryEntry.Value.ToString()) + "</td>";
sHTML += "</tr>";
}
Does this always work?
This trick may not always work, especially with the famous public email services. They take enough steps to restrict it, since it is an indirect disclosure of privacy. As the image points to the external content, the user is required to be connected to internet if the receipt is to be received. Also the HTML email reader must be available to the user.
How service providers are restricting it?
Mail service providers like GMail, Yahoo and Hotmail do restrict these things. They simply restrict it by not allowing the “External” content to be displayed. As the image in the above example points to the external content (on your site), this will also get restricted. But it still works with Outlook and many other web-mail services. It will still take time to be restricted from most places. Till then …Enjoy!!!.
The original article can be found here
General 
News 
Suggestion 
Question 
Bug 
Answer 
Joke 
Rant 
Admin