Chrome plugins pose a HUGE security problem. This one, for example, gets access to your GMail account. Do you want that? What else could this plugin do since it can read your email? Do you trust the author not to steal your GMail cookie?<p>Are you installing this at work? What kind of trade secrets could you potentially leak? And how does it affect your corporate compliance requirements? If your email is subject to HIPAA regulation, then you may be leaking protected health information. That's pretty bad.<p>I, for one, rarely install plugins. I've written plugins for my own amusement that can do some very bad things, and it's just too easy. Think twice people.
I'm wary of installing an extension that can access my data in gmail. Is the source code available anywhere?<p>Edit1: Found a chrome extension that lets me view the source code of chrome extensions[1]<p>Edit2: The inclusion of bootstrap.css is changing the appearance of some things, namely the "show original" message view. It also doesn't seem to detect the tracking image included by yesware<p>Edit3: Could I break this by adding "safe-img" somewhere in my tracking pixel url?<p>[1] <a href="https://chrome.google.com/webstore/detail/chrome-extension-source-v/jifpbeccnghkjeaalbbjmodiffmgedin/" rel="nofollow">https://chrome.google.com/webstore/detail/chrome-extension-s...</a>
Another potential solution to block 'read receipts' is to turn off image loading by default. Its not ideal - because you don't know what images will load until you load them so you may be tempted to load images when you think there may actually be some image content there.<p>The benefit of this approach is that all marketing email won't be tracked as well.<p>disclosure: i'm a co-founder at Streak and we offer read receipts for gmail.
Here is an article explaining gmail new caching of images. <a href="http://blog.mailchimp.com/how-gmails-image-caching-affects-o.." rel="nofollow">http://blog.mailchimp.com/how-gmails-image-caching-affects-o...</a>.<p>Tracking still works and this extension is useful as long as you trust the author.
When I wrote email tracking software about 7 years ago, I dropped the 1x1 pixel, because of spam filters tripping over them. I just used any image in the email to track you and assigned it an unique URL. How do you propose catching that one?