cross-posted from: https://lemmy.sdf.org/post/24375297
Tracker pixels are surprisingly commonly used by legitimate senders… your bank, your insurance company, any company you patronize. These assholes hide a 1-pixel image in HTML that tracks when you open your email and your IP (thus whereabouts).
I use a text-based mail client in part for this reason. But I got sloppy and opened an HTML attachment in a GUI browser without first inspecting the HTML. I inspected the code afterwards. Fuck me, I thought… a tracker pixel. Then I visited just the hostname in my browser. Got a 403 Forbidden. I was happy to see that. Can I assume these idiots shot themselves in the foot with a firewall Tor blanket block? Or would the anti-tor firewall be smart enough to make an exception for tracker pixel URLs?
Question answered in the parent thread:
https://lemmy.sdf.org/comment/15364720
when a server pushes a 403, it still sees the full URL that was attempted.
deleted by creator
The clients I use, mainly Geary and Thunderbird, no not load external content by default IIRC. This also has benefits for bandwidth usage. In most cases, the email is perfectly readable without the external content.