• boomzilla (disco)
    Comment held for moderation.
  • boomzilla (disco)
    Comment held for moderation.
  • Maciejasjmj (disco) in reply to boomzilla

    I think the captions started getting mixed up by the end, too.

  • Mikael_Svahnberg (disco) in reply to boomzilla

    Are you referring to the missing picture, or the usual no-link-hither balls-up?

  • cartman82 (disco)
    boomzilla:
    I suspect the all caps title prevented this from being created automatically.

    That's actually hilarious. I bet the bot got "we detect this as spam and refuse to post it, nyah!".

  • accalia (disco) in reply to cartman82
    cartman82:
    "we detect this as spam and refuse to post it, nyah!".

    more likely it got the "title should be more descriptive" toaster and didn't know how to handle it.

  • boomzilla (disco) in reply to cartman82
    Comment held for moderation.
  • loose (disco)

    Generally I don't open spam, and tend to be very cautious viewing them RAW - not that many email clients allow you to do this properly. Outlook Express used (still does if you can get a copy to run without it being compulsory upgraded).

    The main reason being: I don't want to "confirm" my email address.

    Tip of The Day: Next time you get a "funny" phone call on your mobile / cell. I could be somebody "checking" if it a live number. And before I get flooded with the obvious "reply" - I just wanted to point that out, and in some small way, make your life different.

    Also, "...through. If it makes If it makes you go ..." :deja_vu:

  • Onyx (disco) in reply to loose
    loose:
    The main reason being: I don't want to "confirm" my email address.

    You mean by loading tracking content? I just don't allow any remote content to load by default. Unless there's some sorcery I'm not aware of that's all you need to do. And if it's a legit email I just click "load remote content" (or whatever it's called in your client) if I want to.

  • loose (disco) in reply to Onyx

    That works fine for "links", and in most cases they are probably going to be legit. One or both of my habitual email clients does this sort of thing for me. I.e. an email from a previously unknown source will ask and remember to open external resources.

    But there are things more subtle that can be imbedded in an email that have the capability of "phoning home" with or with a "poke around" your system before it does.

    Anyway, it works for me :) My main personal email address suffers less from "unwanted" spam than my other ones - and it is not a usage thing. That aside: Everything helps. But the first line of defence is don't open the email!

  • Placeholder (disco)
    Comment held for moderation.
  • JBert (disco) in reply to Placeholder

    It displays fine on my end. Have you tried turning it off and on again?

  • Yamikuronue (disco) in reply to Placeholder
    Comment held for moderation.
  • sloosecannon (disco) in reply to loose
    loose:
    That works fine for "links", and in most cases they are probably going to be legit. One or both of my habitual email clients does this sort of thing for me. I.e. an email from a previously unknown source will ask and remember to open external resources.

    But there are things more subtle that can be imbedded in an email that have the capability of "phoning home" with or with a "poke around" your system before it does.

    Anyway, it works for me :) My main personal email address suffers less from "unwanted" spam than my other ones - and it is not a usage thing. That aside: Everything helps. But the first line of defence is don't open the email!

    Right, like JS or images. Both of which get eaten by that feature :smile:

    Of course if you use gmail they preload the images anyways (preload then host on their servers.... Sounds like Discourse) so it doesn't really matter. I think they do that whether the address exists or not, but I honestly don't know.

  • boomzilla (disco) in reply to sloosecannon
    sloosecannon:
    Of course if you use gmail they preload the images anyways (preload then host on their servers...

    But the don't display them by default for stuff in the spam folder. I don't know if they bother to proactively download them until you tell them to.

  • loose (disco) in reply to sloosecannon
    Comment held for moderation.
  • sloosecannon (disco) in reply to loose

    That's a base 64 image, don't see how that could be used to identify you...

  • accalia (disco) in reply to sloosecannon
    sloosecannon:
    That's a base 64 image, don't see how that could be used to identify you...

    That's how they get you. they make you think it's safe but they track you through the pixels. through the pixels man. that's how they track you.

  • redwizard (disco) in reply to sloosecannon
    accalia:
    That's how they get you. they make you think it's safe but they track you through the pixels. through the pixels man. that's how they track you.

    In other words, you download those pixels, the img src is unique to your email address, then they know your email address is a LIVE ONE!!!!!!!! :giggity: SpamBomb that address!!!!!!! :fa_bomb: :fire:

  • sloosecannon (disco) in reply to redwizard

    Not if it's base64 :)

  • flabdablet (disco) in reply to loose
    loose:
    But there are things more subtle that can be imbedded in an email that have the capability of "phoning home" with or with a "poke around" your system before it does

    Surely that's only going to be even vaguely likely to be true if your mail client is Outlook?

  • flabdablet (disco) in reply to loose
    loose:
    I have no idea what that is (how irresponsible of me)

    It appears to be a completely legitimate 16x14 GIF of a folder icon. I can't see any phone-homefu in it.

  • flabdablet (disco)
    Comment held for moderation.
  • blakeyrat (disco) in reply to flabdablet
    flabdablet:
    YES BUMERANGS TO YOU!!
    <poo>
  • flabdablet (disco) in reply to blakeyrat

    Maybe you think, but when you get the double of bitcoins in your wallet, You need to give a Big Kiss!!

  • redwizard (disco) in reply to sloosecannon
    Comment held for moderation.
  • flabdablet (disco) in reply to blakeyrat
    Comment held for moderation.
  • sloosecannon (disco) in reply to redwizard

    Meh. Again, gmail...

  • Zemm (disco) in reply to loose
    loose:
    Tip of The Day: Next time you get a "funny" phone call on your mobile / cell. I could be somebody "checking" if it a live number.

    Why are you checking if my mobile number is live? It has been mine since 2001!

  • loose (disco) in reply to accalia
    Comment held for moderation.
  • loose (disco) in reply to sloosecannon

    In this case, mostly because it is just an example of "how", it is not meant track anybody. Unless, of course, it's not actually an image and contains some malicious code.

    The point is: Emails are a vector of all sorts of nasty "things", and some times rubber gloves aren't enough. Best not fiddle with them, even if they are incredibly attractive and alluring.

    :giggity: intended

  • riking (disco) in reply to boomzilla

    I think the fix is to add skip_validations=1 (or validation? forgot) to the POST arguments.

  • Nprz (disco) in reply to flabdablet

    I'm not the only one to decode it into a file and open it with an image viewer? I had to remove a spurious > in the data. Or I could have trusted the "alt" tag that it was a folder icon (but that is what they'd want you to believe).

  • loose (disco) in reply to Nprz
    Nprz:
    I had to remove a spurious > in the data

    My Bad. Although I had resolved all the issues Discourse has with "<" apparently I missed a "&gt", which Discourse don't give a fuck about.

  • Maciejasjmj (disco) in reply to riking
    riking:
    skip_validations=1

    What.

  • aliceif (disco) in reply to Maciejasjmj

    Could we abuse that ...?

  • RaceProUK (disco) in reply to riking
    riking:
    I think the fix is to add `skip_validations=1` (or validation? forgot) to the POST arguments.
    Wait, what? It's that easy to bypass validation? Why?
  • accalia (disco) in reply to RaceProUK
    RaceProUK:
    Wait, what?

    skip_validations=1

    RaceProUK:
    It's that easy to bypass validation?

    i should hope that you need to be like an admin or something for that to work.

    RaceProUK:
    Why?
    discourse?
  • dahaka (disco) in reply to flabdablet

    I like how they write "get double" but then have 1 -> 3 in all examples...

  • riking (disco) in reply to RaceProUK
    Comment held for moderation.

Leave a comment on “Best of Email: Super Spam Edition”

Log In or post as a guest

Replying to comment #:

« Return to Article