With a little help from my friend Wireshark (a.k.a. Ethereal) I found out how didtheyreadit.com detects how long someone is reading a certain mail with no client side scripting.
Their serverside script uses a http/1.1 feature called chunked transfer encoding when transfering the “bait” image to the mailclient. That way the script doesn’t have to specify the “content length” header, which makes it easier to keep the mailclient busy.
Instead the data is transfered in “chunks”, which each have a small header specifiying the size of the chunk. The didtheyreadit.com script transfers the image by sending slowly tiny chunks each one byte in size. In the meanwhile it is timing the connection to see how long the email is being read
You probably have already used this feature without knowing: when you’re downloading a file and your browser doesn’t display a filesize or estimated, it’s because of chunked encoding (at least that’s what I’m guessing;-) ).
Normally chunked transfer encoding is used for dynamically generated date resulting from database queries.
Creating such chunks is easy in python (found this snippet here)
“””Convert string to a chunk.
@returns: a tuple of strings representing the chunked encoding of data”””
return (“%x\r\n” % len(data), data, “\r\n”)
This ditheyreadit-script is going to be real short and simple 🙂