Saturday, July 16, 2005

Sneaky service called didtheyreadit.com

You might not be aware of didtheyreadit.com or other such services , but it would be good idea to know what it does. If you have used microsoft exchange server and outlook , there is an option to track delivery and read status of email messages. This allows the sender to receive notifications once their emails have been read and when they were read. Of course in Outlook, as a recipient of the email I can choose NOT to send a notification back.

Now back to this service "didtheyreadit.com", it brings this same service to the web based emails. And it does it without the the recipients knowledge, which is what I hate.

After you signup for this service (there is a free one for 10 email messages), you will be asked to add didtheyreadit.com to the end of the email address for every email you want to track. So If you want to send an email to abc@xyz.com, you will actually write the email to abc@xyz.com.didtheyreadit.com and didtheyreadit.com will then forward your message to abc@xyz.com. And you can now log into didtheyreadit.com and see when the email was read and if they have forwarded it to someone else etc.

So how does this work?.

Didtheyreadit.com adds a single pixel jpeg file to the message and makes the message a HTML message for the recipient. The image looks like this:

<img src="http://xpostmail.com/745637733fe8414505563ab5f8112449aaworker.jpg" nosend="1" name="dtri" width="1" height="1"/>

When this email is read and IF you have turned on images in your HTML email, this image will be downloaded from xpostmail (which I am guessing is didtheyreadit.com's domain). And since this URL is unique for the message and the recipient, didtheyreadit.com now knows you have read this email.

I guess this makes it really easy for someone to see if you have read their email. So no more "Oh, you sent me an email!!. I didn't get it!!" . They will know you are lying :). If you really don't want to be tracked, don't turn on images in your webmail or block xpostmail.com in your firewall.

In the interest of full disclosure though, I have thought of doing something similar by putting an image in my email signature with different URL parameters generated uniquely for every message (wouldn't have worked for tracking individual recipients , but you can tell a little bit more based on the referer). But I dropped the idea because it was very sneaky. I am sure web based email providers like yahoo, google don't want to do it for the same reason.

2 comments:

  1. I wonder if spammers will also maliciously use this technology to track hit rates. Spammers could identify who the actual spam "readers" are out there and use this information to target future mailings... I guess its time to turn off images in my HTML main ;)

    ReplyDelete
  2. They already do and that is one of the reasons why you should never *open* any SPAM email even if you are curious "how viagra could be that cheap".

    ReplyDelete