|
The Internet email system works in a way which makes tracking email
forwarding impossible. For one of the hoaxes to be true, internet email
would have to do one of the following:
(a) All internet email, no matter what the starting and finishing points,
would have to pass through (or at least be registered at) a central point.
(b) Your email software would have to somehow know the starting-point of
every forwarding chain and send a message to it every time you forward
that email.
The Internet is not built around a central computer: there's no 'hub' or
'centre of the net' which everything has to pass through. If someone in
Florida sends email to someone else in Florida, that email may never go
outside Florida. If someone in France emails someone in Germany, that
email is unlikely to ever go near Florida. There can be no way to count
how many times a message has moved from one person to another because
there's no collection-point for traffic information.
Hundreds of people and companies have written email software. As long as
the software conforms to the Internet standard it will be able to receive
and send email. The standard does not mention any way of noting the origin
of a message once it has been forwarded. If Alice sends an email to Bob,
there's nothing she can put in her message to order Bob's software to tell
her if Bob forwards her message. Even if the original message is sent
using a special piece of software (as one of the Microsoft versions of this
hoax suggests), there's no way of controlling what software Bob uses to
read or send his email.
However, problems in recent releases of several popular email applications have
created situations in which some email could conceivably be tracked. These problems have revolved around the use of the programming language Javascript in email. Javascript is typically used in Web pages, but some email application can read and perform Javascript programs included in email.
The increased implementation of email software which executes all
JavaScript found in an incoming email has made a certain amount of
email-tracking possible -- but only if the person receiving the
email has JavaScript turned-on for incoming messages. Since
JavaScript can be used to, for example, scan your mailbox or delete
all your files anyone who has their email software set up this way
is giving anyone who knows their email address a great deal of
control over their computer.
A piece of JavaScript included in an email message could conceivably
be used to send a message back to the originator of the message each
time the message was read. If the message is forwarded then it's
possible that the JavaScript will be forwarded with it. The vast
majority of email software available, however, does not understand
JavaScript and has not way of executing JavaScript found in an
incoming message. The only systems which will be vulnerable to this
attack are programs which include both web-browsing and email
capabilities such as Outlook, Outlook Express and Netscape 6.
For more on the problems with Javascript in email, see the Privacy Foundation.
At the time of writing, the Urban Legend Zeitgeist are not
aware of any email-tracking items which have actually used this
technique to track email-forwarding. It is mentioned only for
the sake of completeness.
|
Urban Legend Zeitgeist: Email Forwarding for Fun and Profit Redux