The trouble with text-only email

I don’t understand this sort of “right to track” that so many organizations seem to have. I don’t care if modern technology gives them a way to do it, I have a right to block or otherwise avoid loading whatever I want. Somehow 20 years ago businesses managed to judge how effective their communications/ads were without tracking; let them go back to that.

I don&#x27;t understand the problem: mozilla is basically saying &quot;we need to track you, otherwise gmail&#x2F;yahoo&#x2F;hotmail thinks we are sending spam&quot;. But if that&#x27;s the case, isn&#x27;t the problem the to aggressive spam filtering of gmail&#x2F;yahoo&#x2F;hotmail? _Or_ mozilla is really sending spam. But knowing them I don&#x27;t think that&#x27;s the case.<p>So the real problem here is that everyone is using gmail&#x2F;yahoo&#x2F;hotmail, and those providers have broken spam filters. They should fix them.

SMTP has a perfectly good verification mechanism. You send a VRFY request with an email address, and the server tells you if the address is valid. The trouble is that many mail servers don&#x27;t handle VRFY requests, because spammers used them to explore the space of destination email addresses.<p>There&#x27;s also &quot;Disposition-Notification-To&quot;, which sends back a message when an email is read. Most real mail clients tell the user this is being done, and allow the user to decide whether they want to send back a receipt. Does Gmail support that at all?

&quot;One metric that some sites evidently use is email sent to accounts that are known to be inactive, which is seen as a sign of a spammy originator. This, seemingly, is where Mozilla has run into trouble. One way to avoid this problem is to track which recipients are actually reading their email; any recipient who doesn&#x27;t look at any messages for a period of time can then be unsubscribed.&quot;<p>Shouldn&#x27;t the sites bounce those emails in a way Mozilla can detect and therefore use to prune?

The real problem here isn&#x27;t text-only email, or even Mozilla being concerned about not being able to track who is opening messages sent to its mailing lists. The real problem is that certain large webmail providers are making a hostile takeover bid for the fundamental infrastructure that email represents. The likes of Google have decided that their own interpretation of how email should work is more important than things like following standards and delivering properly formatted and correctly sent messages.

Been a while since this was fixed now, but I once discovered a method to track views of even plain text emails when the user was using Thunderbird - <a href="https:&#x2F;&#x2F;www.grepular.com&#x2F;DNS_Prefetch_Exposure_on_Thunderbird_and_Webmail" rel="nofollow">https:&#x2F;&#x2F;www.grepular.com&#x2F;DNS_Prefetch_Exposure_on_Thunderbir...</a> - thanks to the DNS lookups caused by URL pre-fetching. Same issue worked with various webmail implementations at GMail, Hotmail, Roundcube, IMP, and probably more. You can test your client for this particular flaw and many more at a website I built - <a href="https:&#x2F;&#x2F;www.emailprivacytester.com" rel="nofollow">https:&#x2F;&#x2F;www.emailprivacytester.com</a>

Mozilla seem to be falling into the same trap as the internet in general, albeit a good long while later. Just a little bit of tracking here, how is that harmful? Just a little bit of tracking there, too. It&#x27;s really not a problem. Telemetry this browser feature, Google Analytics that addon page. And like the frog in the pan of water, eventually we&#x27;re all cooked.<p>&quot;Don&#x27;t be evil&quot; is deprecated, Mozilla Manifesto #4 will be too, soon enough.

This leads me to believe that Mozilla may have recently been caught up in the same spamhaus spam-trap debacle as many others and was backlisted. They decided to send a permission pass email because if an open or click hasn&#x27;t recently been recorded, there isn&#x27;t really any other way for them to know which emails in their list are no longer active.<p>This also confirms my belief that one or more of the big email ISP&#x27;s (yahoo, gmail, etc.) may have sold a crap load of their inactive email accounts to spamhaus recently. Doesn&#x27;t matter if these once active emails did opt in to your list in the past, you will still get backlisted now that they are in the spamhaus spam-trap database.<p>I don&#x27;t understand why the email providers don&#x27;t simply shut down the inactive accounts. This would then result in a hard bounce to the sender allowing them to remove the emails from their list.

I think the whole &quot;non profit&quot; angle of Mozilla is suspect. When so much of their revenue is tied to search engines[0], they&#x27;re really more of subsidiary than a charity.<p>That, and having the <i>marketing</i> person insist that they <i>need</i> message tracking to prevent being blacklisted is shady as hell. Mozilla has plenty of smart people who already know several other ways to skin that cat.<p>[0] <a href="https:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;Mozilla_Foundation#Financing" rel="nofollow">https:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;Mozilla_Foundation#Financing</a>

You&#x27;ll have to pry plaintext email from my cold, dead hands. If you send me an HTML email it goes right in the bin.

It&#x27;s funny how the entire privacy nightmare was finally avoided by a simple link to click once a year. This itself shows that such involuntary tracking has no useful purpose which cannot be achieved in a simpler manner that preserves privacy.

Who are the organisations keeping these lists of &#x27;inactive&#x27; accounts and doing it in such a sloppy way that receiving text mail counts as not existing? I sure as hell haven&#x27;t told them whether or not I use any of my email addresses. Isn&#x27;t the solution to correct them, not to go along with them?<p>Surely Mozilla has enough clout to at least get a message to them rather than just throwing in the towel?

&gt; not that there was really any need for more evidence that the email system is broken<p>Broken? Where? Is there a reliable open standard alternative to passing messages to one another with attachments, encryption, self-hosting, and local archiving as actual options on the table? And no, IMs are not an alternative for anything longer than a few lines.<p>Email is only &quot;broken&quot; if you don&#x27;t use it properly.

I recently switched back to Mutt after 10 years of Outlook and OWA. It took a few months of constant tweaking, but loving it now. I can still load html email in a browser with one key if I need to.

I always explain tracking pixels to non-technical users and show them how to turn off image loading if they wish to. Every single one has chosen to do so. It&#x27;s way past time for email clients to have this as the default for html emails.

They could send a personalized mail every year saying - &quot;if you still want to continue to receive these mails&quot;, click here.

Also have them opt-in when they sign-up to your newsletter, aka double-opt-in. Don&#x27;t worry about those that don&#x27;t opt-in as it&#x27;s unlikely they&#x27;ll read your newsletter anyway.

There should be email client&#x27;s who only open images if they are attached. I don&#x27;t think any email client should try to load anything inside the html automatically if not attached. and even than attachment images should be confirmed.

You don&#x27;t need html email for that... you just need a trackable link. If someone hasn&#x27;t actually come back to your site for years due to the mail you&#x27;re sending out... should you really be sending them mail?

If your site looks virtually the same in Lynx I&#x27;m not sure if that&#x27;s a feature or a bug.

Wouldn&#x27;t a better solution be exempting Mozilla from these checks? I mean really.. it&#x27;s MOZILLA. The same one that Google, Microsoft, et al are teaming up with them to improve web docs but at the same time some (does gmail and htomail do it or not?) of these hinder it&#x27;s mailing lists about the very same subject they are supposed to be teaming up on?<p>Other reputable mailing lists operators should also have all their addresses exempt from this charade.<p>What is the danger that mails from Mozilla are actually SPAM, seriously.<p>On the other hand, I just looked into my spam on gmail right now - 2 spammy emails (from shady domains, I guess they&#x27;re okay, since they don&#x27;t run mailing lists) and 1 genuine email, form a reputable big site, emails from which I always open that gmail judged to be spam (?!). Yes, it&#x27;s promotional, so the &#x27;content is similar to spam&#x27; but it&#x27;s a newsletter that I subscribe to and always read, from contact@ a large genuine website, so what the hell?<p>I used to be subscribed to some lists and only read mails I found the titles interesting personally to me, I wonder if that hurt them too now...<p>&#x27;An algorithm did it&#x27; is like a new &#x27;a wizard did it&#x27;. And it somehow exonerates the people who put that crap in place and then its up to the victim to fix it (complain on Twitter your YouTube was wrongly banned, complain on HN your AWS got locked, track mailing list readers to not get demerit for operating big mailing lists, etc.). This isn&#x27;t right and often attempting to dispute it doesn&#x27;t even work, with a human reassuring the victim that the algorithm was right until there is a mini-scandal and only then the decision is overturned. All with &#x27;you broke our terms and&#x2F;or social guidelines&#x27;, no concrete information what even happened in the first place and then it happens again to someone (or to the same person again).<p>It boggles my mind a reputable behemoth like Mozilla can be stuck in a situation where they can&#x27;t send an email to anyone until someone overturns the algorithm&#x27;s judgement which takes a lot of time (because it&#x27;s soooo hard to judge emails from Mozilla aren&#x27;t SPAM, yeah, right).<p>I won&#x27;t believe there isn&#x27;t a way to do that because in that case Twitter, YouTube and Facebook would be penalized very BADLY for all their spammy notification emails many people leave in their social tab on gmail for years. Somehow they don&#x27;t end up in spam ever (and many of them I never open and they would fit the description, especially Twitter updates about what&#x27;s trending in my country, that I literally can&#x27;t turn off since my account was judged to be a bot and locked right after creation and 1 Tweet and they now demand my phone number to unlock it).

From the comments:<p>&quot;Not blindly loading elements works just fine<p>Posted Oct 12, 2017 17:18 UTC (Thu) by david.a.wheeler (subscriber, #72896) [Link]<p>&gt; All of them. The way this generally works is that there&#x27;s a unique, invisible, element in the email, like a 1x1 pixel image. When that image is requested, the server marks that the email has been read. Since most email clients blindly load all HTML elements this works. Even for the more careful clients that don&#x27;t load elements from remote servers by default and ask the user to click a &quot;load full message&quot; (k-9 mail on android does this), most HTML mail is unreadable without those remote assets because the layout is completely broken.<p>I don&#x27;t load elements from remote servers by default, and practically never have problems with desirable email. In my experience, email that&#x27;s broken without remote loading is practically always spam.<p>&gt; This is even harder for mail client&#x27;s that have to rely on a third-party rendering engine for HTML mail, since they don&#x27;t necessarily have the hooks into the renderer to tell it not to load remote content.<p>At least some third parties DO support this functionality.&quot;<p>I use a non-major, non-modern &quot;web browser&quot; that does not load elements from remote servers, and I practically never have problems with desirable content.<p>The &quot;blind loading&quot; problem extends to web browsers in addition to email.<p>In fact, email clients took the idea of tracking <i>from web browsers</i> and applied it to HTML email.<p>It may be possible to disable autoloading of images such as 1x1 pixels but unfortunately the &quot;major&quot; aka &quot;modern&quot; browsers do not allow users to disable all blind loading, e.g., malicious .js files.<p>For example, the recent Equifax incident involved blind loading of an undesirable .js file.<p>This &quot;blind loading&quot; is the foundation of tracking and web ads, not just spam.<p>It seems the more the more &quot;major&quot; a browser is considered, the more people refer to it as &quot;modern&quot;, the better the browser works for tracking. Strange coincidence I guess.

Let&#x27;s make subscription timeouts a reality. When you subscribe to an email newsletter, have it default to a 1-year subscription, which the user can modify.<p>This solves this problem, and auto-unsubscribes people who are not active users. You could have a login or other action renew the subscription.

The company that truly improves email will be a fixture and a household name. Its a devilishly hard problem, though. But one with immense potential.<p>I think a big limitation of current attempts are the focus on closed teams&#x2F;enterprises and making a &quot;clean break&quot; from email. WhatsApp seamlessly bridged a gap between modern messaging and telecom to produce grand success — the same can be done with email.