1. Home
  2. Knowledge Base
  3. Email
  4. How spammers use HTML e-mail to verify an e-mail address as valid

How spammers use HTML e-mail to verify an e-mail address as valid

HTML (Hypertext Markup Language,) the common language used to create web pages, can also be viewed in most modern e-mail program. This allows someone to create a nice looking, graphic rich e-mail message.

Because the layout is written in HTML, images can be displayed without having to send them along with the e-mail message. Instead the code is written to access the server where the image is held, and download from that server.

Unfortunately, because images come from some outside server, this makes for an excellent way for spammers to verify your e-mail address as not only valid, but also notes that you read the message they sent you, making your e-mail address a target for spam.

How it works:

In an HTML e-mail message, an image is placed using code similar to <https://somesite.com/insertmessage.html>. Very basic. What spammers do is insert the e-mail address they are sending to, into the code used to display the image, something like <https://somesite.com/youraddy=yourdomain.com/instertmessage.html>. It’s easy to then setup a server to filter out ‘youraddy=yourdomain.com’ and record that it was accessed by someone. This effectively tells the spammers that not only did someone receive the message, it was also read, thus making the e-mail address valid. Once this happens, your e-mail address can become a target for spam.

How does a spammer get your e-mail address in the first place? They just keep trying random combinations of addresses until one works. Computers are excellent tools for high volume, repetitive tasks.

How do you prevent this?

It is generally easy, although in the case of Outlook and Outlook Express, not very obvious, in most e-mail programs to keep this from happening. You will need to turn off the display of HTML e-mails.

In Mac OS X mail.app, go into the ‘Mail’ menu, select ‘Preferences’ then go to the ‘Viewing’ preference. Uncheck ‘Display images and embedded object in HTML messages’.

In Outlook Express 5.x for Mac, select ‘File -> Preferences’ then click on the ‘Display’ tab and uncheck ‘Show attached pictures in messages’.

In Outlook and Outlook Express for Windows, you should be able to 

select Tools->Options, then click the Security Tab. In the “Security Zones” section, select the “Restricted Sites” zone.

For other e-mail clients, see the help for the particular application you are using. 

There is an excellent web page that explains why HTML e-mail  is bad and has an extensive list of instructions for turning of HTML e-mail, located at: https://expita.com/nomime.html

What is the downside to turning of HTML in e-mails?

You won’t be able to see any HTML that is sent to you. You may see text that is included in the message, but no images. Most of the time, it’s probably a spam message that you are receiving anyway.

It’s up to you do decide if you want to see HTML messages. Just keep in mind, if you do, you are a more likely target for spam than you might be otherwise.

Was this article helpful?

Related Articles

Need Support?

Can't find the answer you're looking for?
Contact E Street Support