|xP Design Policies|
However, there is a disturbing trend among mailing list providers and some e-mail clients that is invading many users' privacy. This is the practice of embedding the following tag in e-mail messages:
<img src="http://www.foo.com/tracker.gif" height=1 width=1>
Because the image is 1 pixel by 1 pixel, and often transparent, the user never notices it. But when the e-mail client requests the graphic from www.foo.com, an entry is generated in the server's log which indicates the time and location when and where the user is reading his/her e-mail. More insidious, some image tags reference a cgi script which store the user's e-mail motions in a database profile.
Therefore, the xP HTML e-mail policy is such:
NO html messages may request network content. If any image or script tag specifies a source file that is not attached to the message, then the tag is supressed and the user is given a security warning.