Tracking sent mail – part2

With a little help from my friend Wireshark (a.k.a. Ethereal) I found out how didtheyreadit.com detects how long someone is reading a certain mail with no client side scripting.

Their serverside script uses a http/1.1 feature called chunked transfer encoding when transfering the “bait” image to the mailclient. That way the script doesn’t have to specify the “content length” header, which makes it easier to keep the mailclient busy.
Instead the data is transfered in “chunks”, which each have a small header specifiying the size of the chunk. The didtheyreadit.com script transfers the image by sending slowly tiny chunks each one byte in size. In the meanwhile it is timing the connection to see how long the email is being read

You probably have already used this feature without knowing: when you’re downloading a file and your browser doesn’t display a filesize or estimated, it’s because of chunked encoding (at least that’s what I’m guessing;-) ).
Normally chunked transfer encoding is used for dynamically generated date resulting from database queries.

Creating such chunks is easy in python (found this snippet here)

def toChunk(data):
“””Convert string to a chunk.
@returns: a tuple of strings representing the chunked encoding of data”””
return (“%x\r\n” % len(data), data, “\r\n”)

This ditheyreadit-script is going to be real short and simple🙂

Tags:

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: