This is a feature of email clients that all of you out there must have stumbled on. Emails sent with images embedded in them (not as attachments but in the body of the message) often have those images blocked by your email client (Outlook, Thunderbird, Yahoo Mail, Hotmail, Gmail, etc.). This happens for several reasons. The root cause is that when an image is embedded in a message, your email client has to open an external source and retrieve some data. In an ideal world this data would be just a harmless image. Nowadays, though, this is not the case.

One thing that an image source in an email can be is some sort of trojan horse set to execute once you try to view the so-called image. If you are not protected by an antivirus, you will most probably be in big trouble. This is rarely the case, though, simply because email clients these days are thin programs (with no way of executing code on your machine) or even web applications.

The most widespread use of images in messages comes from spammers. Now, one would ask why a spammer would do it. The mechanism is simple. Here it is step by step:

  1. Some friend of yours forwarded a message of the type “if you don’t forward this ……..” to you and a few other zillion people.
  2. The forward chain keeps on going, accumulating addresses in the form of “original message from blah blah to blah blah”.
  3. This message makes its way back to the spammer that started this whole story, sometimes years after. Note: You don’t believe the years after part? Do you remember that email about Mars being bigger than ever and all that crap? Take a peek here.
  4. The spammer now has your email in his database and you start getting all those “buy viagra now from a cheap Canadian pharmacy” messages and all that nonsense.
  5. Now, in that email there is an image whose source is a link like this: “http://iamalamespammer.com/images/viagra.jpg?verify=klsjdfh994”.
  6. When you open that email and retrieve that image, you have basically verified to the spammer that the email address that landed in his hands is correct and checked!

See, what the spammer did is pretty simple. His link, as you can see, has a path to an image and then a parameter “verify=klsjdfh994”. He associates that parameter with your email address and issues a different one for each email he sends out. So once that specific parameter is sent to the spammer's server, he knows that this particular email (and consequently the email address) is valid and reached a target!
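To see what an email client has to decide before loading images, here is an added example (not part of the original post) that parses a message and lists every image it would fetch over the network, together with any query parameters that could serve as a per-recipient token. The sample message, its addresses and the names `ImgCollector` and `remote_images` are constructed for illustration; only the tracked URL is the one quoted above.

```python
from email import message_from_string
from email.policy import default
from html.parser import HTMLParser
from urllib.parse import urlsplit, parse_qsl

# Constructed sample message; the first image URL is the one quoted in the post.
SAMPLE = """\
From: offers@example.com
To: you@example.org
Subject: Cheap pharmacy
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body><p>Buy now!</p>
<img src="http://iamalamespammer.com/images/viagra.jpg?verify=klsjdfh994">
<img src="cid:logo123">
<img src="https://static.example.com/banner.png">
</body></html>
"""

class ImgCollector(HTMLParser):
    """Collects the src attribute of every <img> tag."""
    def __init__(self):
        super().__init__()
        self.sources = []

    def handle_starttag(self, tag, attrs):
        src = dict(attrs).get("src")
        if tag == "img" and src:
            self.sources.append(src)

def remote_images(raw_message):
    """Return (url, query_params) for each image that needs a network fetch."""
    msg = message_from_string(raw_message, policy=default)
    findings = []
    for part in msg.walk():
        if part.get_content_type() != "text/html":
            continue
        collector = ImgCollector()
        collector.feed(part.get_content())
        for src in collector.sources:
            url = urlsplit(src)
            # cid: and data: images travel inside the message; no fetch needed.
            if url.scheme in ("http", "https"):
                findings.append((src, dict(parse_qsl(url.query))))
    return findings

if __name__ == "__main__":
    for src, params in remote_images(SAMPLE):
        print("token candidate" if params else "remote fetch", src, params)
```

A URL without a query string can still carry a token in its path, so an empty parameter list is a hint, not proof that the fetch is untracked.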

As you can see, email clients have a very good reason for blocking images in emails. As a user, I would suggest you keep that restriction and lift it only conditionally, for senders that you know.