this post was submitted on 22 Mar 2024
19 points (91.3% liked)
cybersecurity
3376 readers
15 users here now
An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!
Community Rules
- Be kind
- Limit promotional activities
- Non-cybersecurity posts should be redirected to other communities within infosec.pub.
Enjoy!
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Mailjet's documentation indicates they use an explicit pixel image for tracking email open status and that can be turned on or off in account settings. However it also indicates they put all images included in an email template through the same infrastructure as tracking links. So most likely they record the view but whether that usage data is retained and available to the gov agency is hard to say without making an account with Mailjet and testing.
If you're concerned, just turn off images for untrusted senders in your email client.
I was imagining how a well-designed mail client might detect likely tracker pixels and signal the user. If MUAs were sufficiently evolved, that kind of convenience/sloppiness of transmitting tracker pixels but then putting the switch somewhere on the server wouldn’t fly. Anyway, I appreciate the insight. It certainly raises a transparency issue.