July 27th, 2007, 04:33 PM
Can you tell if an email was read?
I wasn't sure if this should go into N00b Security or Web Security, so if its in the wrong place a apologize. Anyway I was just curious as to if there is anyway to find out if an email that you have sent has been read or not. Specifically using Gmail. I have done some research and I found a few websites that say they can do it along with various other information, but I'd rather be able to do it myself. Is it possible to tell? If not can somone explain to me how these websites work then?
July 27th, 2007, 04:42 PM
It depends on how the email was composed and how the recipient has their mail clients setup.
If you're accepting/responding to "read or delivery" receipts, then yes. A sender can request a receipt. You can allow or deny the receipt.
The sender can imbed an image into an html email. Once you open it in html format, you download the image and they can see in their web server logs if you've opened/viewed the email (think web bug).
If the user is rejecting read and delivery receipts and only allows their mail to be delivered as text or rich text... and doesnt click on any links in the email (or view images that were hosted remotely), then no.
is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.
July 27th, 2007, 04:54 PM
Do those websites use the imbeded technique? I had thought of that once before, but If I just wanted to know if somone read a text based email is the "read or delivery" reciept the only way to go?
With the "read or delivery" reciepts, do they have to accept or send the reciept back? IE is there a button that says "send reciept"? or is it just something that automatically sends you notification when the email has been opened without the readers awareness.
July 27th, 2007, 06:30 PM
I would be highly suspicious of such sites. Many people make claims that they cannot fulfill either technically or legally.
If not can somone explain to me how these websites work then?
You mention Gmail................ I believe that they "filter" messages so that the embedding technique will not work?
I have seen the kind of thing you are talking about in commercial or institutional implementations. If you report stuff to the FBI for example, you will get an automated acknowledgement. Most e-commerce systems will send an automated acknowledgement and so on.
Internally (LAN/WAN) I have seen systems that automatically record receipt and opening of mail. This tends to be linked to some sort of monitoring and escalation process. Other implementations would require you to request a receipt and give the receiving party the option of whether to reply or not.
I guess the short answer is that you cannot tell unless the other party wants you to.
July 27th, 2007, 06:54 PM
Yeah I am usually pretty aprehensive of sites like these in the first place. I did a quick google and found one here
Looks like you they send it through their mail server? I'm not too sure. My networking knowledge is limited (still waiting to take that networking 101-103 course :P). Anyway thanks for answering my question guys. Nihil a pleasure as always.
July 27th, 2007, 07:56 PM
Here are a couple of links that might interest you:
It seems that readnotify uses Iframes as well as web bugs.
July 27th, 2007, 09:27 PM
Wow, that was extremely helpful. I had no idea that Iframes were capable of such clever sneakiness.
I don't however understand how HTML can gather so much information about a target.
An iFrame is basically just a way to imbed another HTML document inside another. However, how can that be used to gather so much information ie. IP and Location? I know very basic HTML and even less networking so I don't have a full sense of how things work in that great cloud of the internet.
Even if it was able to get the IP, doesn't that just point you to the ISP?
nihil thanks agian for the reference material.
July 27th, 2007, 09:59 PM
Yes, they would get the IP address of the mailserver and possibly the client. If it were me they would be way out, as I don't live anywhere near my ISP's centres and I get a new IP each time.
If you use AOL the results would be useless as well due to their peculiar architecture.
I think that a lot of the information is pretty superfluous............ you generally know it already? or why are you sending an e-mail?
Incidentally, it seems that the software won't work with some mail clients that block embedded items?
July 27th, 2007, 10:19 PM
Yeah, I guess most of that information is just fluff to make it seem better. Thanks for all the information
until next time :P
By xdisclose in forum Web Security
Last Post: December 8th, 2006, 07:39 PM
By ByTeWrangler in forum Hardware
Last Post: March 27th, 2006, 11:58 PM
By NXcng in forum Newbie Security Questions
Last Post: April 8th, 2004, 04:33 PM
By -DaRK-RaiDeR- in forum Newbie Security Questions
Last Post: December 14th, 2002, 08:38 PM
By Trust_Not_123 in forum Site Feedback/Questions/Suggestions
Last Post: December 8th, 2002, 04:53 PM