Testing didtheyreadit.com's Mail-Tracking Claims 400
iosdaemon writes "didtheyreadit.com claims to be able to track your sent email: "When, exactly, your email was opened. How long your email remained opened. Where, geographically, your email was viewed. DidTheyReadIt works with every single internet provider and e-mail account, including EarthLink, AOL, NetZero, Juno, Netscape, Hotmail, Yahoo, and much more." Read on for more.
"This appears to be snake oil. I put it to test just in case someone had come up with some magical code. I sent email from a Yahoo.com account through the service, to an account on a Linux Box. Running tcpdump, I received the email from my pop and let 5 minutes pass before opening it. I left the message open with the cursor in the text for another 5 minutes. Tcpdump revealed absolutely no questionable traffic. And, the service control panel indicated the email had not been viewed. Sending email to a Yahoo.com account results in a 'read' in the service CP. But I had the message open for 10 minutes, and it indicated a 2-minute read......" The company's "How it works" page explains the system to some degree; it involves redirecting all mail to be tracked through their servers by appending "didtheyreadit.com" to your recipient's email address. I doubt this is mutt-compatible ... Reader xrxzzy points out USAToday's article on the service as well.
Comment removed (Score:4, Insightful)
Single pixel gif? (Score:4, Insightful)
How they monitor the length of time the mail stays open is a bit of a mystery.
Turn off 'Download images' and I'd imagine their system becomes useless.
Wasn't there a scare about spam merchants doing this once?
No good (Score:4, Insightful)
Re:How it 'works' (Score:5, Insightful)
No. Not unless you want them to know.
As I suspected, they are just using a tracking image, sometimes I look at the source of messages (sad, I know), then I would know if I was being tracked. That saves me opening an account to see how they were going to do this.
I always view my email as Plain Text using Mozilla, so this wouldn't work unless I decided to switch back to HTML. I made some of these tracking images once and tried it out. I found that browsers were cacheing them, so it wouldn't always register if it was viewed in a webmail acount.
Re:How it 'works' (Score:5, Insightful)
And yet they claim that there's no way the recipient can know that the message is being tracked (see their FAQ [didtheyreadit.com]) It may not be complete snake oil, but the company is definitely lying about the service's transparency.
And they route all your mail through their servers. I wouldn't be surprised if they soon started selling "pre-confirmed" email address lists.
Depressing... (Score:5, Insightful)
Re:No good (Score:5, Insightful)
Unless it works for every single message it's no good.
So true. And this is straight from their main page:
Now you simply say, "My spam filter blocks images." And you may have a reason then to think that the person who sent you the message doesn't trust you.
You can't solve a people problem with technology.
Re:But we're blocking it anways.. (Score:4, Insightful)
SPAMMERS, perhaps? (Score:5, Insightful)
Wouldn't this be a great way to harvest thousands or millions of known good email addresses?
The TOS only states that they will not store the emails -- yet their own logs will contain the email addresses. There is nothing in the TOS that explicitly prevents them from using those addresses.
Good for them, and us. (Score:5, Insightful)
With a bit of luck, this will make more sites and clients want to implement image blocking, which will in turn make it harder for spammers to get their messages across.
Spam is merely an annoyance to most people. Privacy issues are not.
DNS fun... (Score:5, Insightful)
Now whould you like to pay for an email service that doesn't even have a fallback mailserver and is likely be busy handling mail for info@didtheyreadit.com.didtheyreadit.com.didtheyr
Re:How it 'works' (Score:3, Insightful)
And, of course, in legitimate email newsletters and such, from lots of entities that actually have to track their ROI on such things. I used 'em about 4-5 years ago when I was doing web dev and DB marketing for a travel dot-com. If someone was signed up for our fare alerts or whatever, they'd get mail with a tag in it; if they clicked through to our site, that tag got tracked as a referrer, and passed along to the e-commerce part. Made it a LOT easier to say to the marketers "yeah, we sent X messages, Y people clicked through, Z people bought, and here's the top-line revenue for this particular fare promo."
This is just to clarify that it's the spam that's evil, not the image tags themselves. ;)
Re:How it 'works' (Score:5, Insightful)
You and I might ignore their attempts, but there are a hell of a lot of people out there who would like the sales pitch, the 5 free samples/tests and spend the money to use the service. For the most part, they'll be emailing people without mutt and the service may just work (more or less) as described.
Where I would have an issue is with the small percentage of emails that they can't track due to clients forcing text only mail. If a user was to build a strong reliance on this service, they would only assume that the receiver had never even read their email when in actual fact they could've opened it in a text-only client and pored over it for days!
And the privacy issues are astounding -- they would essentially get every copy of email sent through their system -- personal information and details, etc. If you care enough about the information you're sending to want to know if the receivee will read it, then you can bet that this company may care enough about the content too...
Big problem: instant open relay (Score:5, Insightful)
INSTANT OPEN RELAY.
All a spammer has to do is forge their From address (the only means of relay authentication!) and append
Re:How it 'works' (Score:3, Insightful)
And offsite imagine tracking is definitely not going to work for recipients like me, who use Mozilla Thunderbird and picked the config option "Block loading of remote images in mail messages".
Re:It's an animated GIF! (Score:2, Insightful)
Even my grandmother would have to sense to do more investigating and be more doubtful about the claims of the product than this guy.
"Every single internet provider"? (Score:5, Insightful)
Guess what folks. There's no law that says you have to let a megacorp run your e-mail. With a fixed IP and a 24/7 server, you can run your own server. (Though, admittedly, it's not something a novice can make work.)
All this is is simple "web bug" HTML IMG link spying. Anyone with any kind of sense has configured their e-mail client to not automatically download remote images. Or even to not display HTML crap at all. And please don't tell me that they use Javashi^H^Hcript, because that means there's a brain-damaged popular e-mail program out there that allows it (or a webmail site that doesn't filter it). All we need is another way for e-mail to run wild code.
Is anyone else getting a flashback to the all the stupid ideas that would burn through millions of dollars in VC cash back in the dot-com bubble days?
Re:How it 'works' (Score:2, Insightful)
Re:How it 'works' (Score:5, Insightful)
Re:How it 'works' (Score:2, Insightful)
Re:How it 'works' (Score:2, Insightful)
Re:Depressing... (Score:2, Insightful)
Re:SPAMMERS, perhaps? (Score:3, Insightful)
More sophisticated analysis could also yield useful info (likely gender of the sender based on words and sentence structure; keywords to indicate interests).
Re:As a link... and another way to mess them up... (Score:2, Insightful)
They're probably also relying on quirks in the Windows / IE network code... something about Linux or maybe Mozilla gives up, calls the image done, and closes the socket after 2 minutes, whereas IE will keep trying until the parent frame or message is closed. That would explain why it took me ~2 minutes to load the parent post's link, and why it said that the reviewer only read the message for 2 minutes.
Re:Big problem: instant open relay (Score:2, Insightful)
I could have some fun with this sending email from known spammers back to other known spammers and put it on their tab for a change.
Email is dead as a useful form of communication - let's just face it and find something new!