Closed Bug 175258 Opened 22 years ago Closed 22 years ago

HTML Mail loads css stylesheet even if images and plugins are disabled

Categories

(SeaMonkey :: MailNews: Message Display, defect)

x86
All
defect
Not set
normal

Tracking

(Not tracked)

RESOLVED DUPLICATE of bug 28327

People

(Reporter: mozillabug, Assigned: sspitzer)

Details

(Keywords: privacy)

Hi, One of the many spam mails caught my attention: Nicely formatted with colors and fonts. It showed that the mail contained a reference to the stylesheet on the originating spammers homepage. As the feature "no plugins and images in mail" is - in my eyes - mainly to prevent spammers from including images like logo.gif?receipt=you@your.domain this is easily to circumvent with stylesheets named like this... I'm using Mozilla/5.0 (Windows; U; WinNT4.0; en-US; rv:1.1) Gecko/20020826 I hope not to produce a duplicate - done my best searching this enormous bugzilla. Thanks for this nice product.
I can confirm this bug with Mozilla 1.0.2 on Windows ME. I have set the following Prefecences under "Privacy & Security": Cookies: [x] Disable Cookies in Mail and Newsgroups Images: [x] Do not load remote images in Mail & Newsgroup messages However, external stylesheets are still being loaded (allowing tracking of spam delivery) and a cookie is still being set for this http request (I believe there is already an open bug for this). This bug is already being exploited by, for example, the RedHat "Under the brim" Newsletter. It refers to a personified stylesheet that tracks my reading of their newsletter.
Keywords: privacy
OS: Windows NT → All
*** This bug has been marked as a duplicate of 28327 ***
Status: UNCONFIRMED → RESOLVED
Closed: 22 years ago
Resolution: --- → DUPLICATE
Product: Browser → Seamonkey
You need to log in before you can comment on or make changes to this bug.