You're right. Google changed the way they did images a while back to prevent email image marketers who used to track when the user opened an email using a 1pixel transparent image downloads.
"1x1 transparent pixel" is called a "tracking pixel".
Gmail still allows marketers to track when a user opens an email (even better than before, since it no longer asks users whether they want to load images). However, they proxy the request so that the tracking pixel host no longer gets the user's IP address or third party cookies.
Then don't open spam? I don't think a spam email has made it to my inbox in almost 5 years. Google's proxy protects your private data and only informs the sender that the email has been opened. I would hardly call that "unsafe"
They changed about two years ago to run all images sent to a gmail address through their servers (and presumably store them). It specifically didn't effect marketing though. I was working in email marketing at the time and there was some temporary gnashing of teeth but this was not much more than a blip.
Gmail still allows marketers to track when a user opens an email (even better than before, since it no longer asks users whether they want to load images). However, they proxy the request so that the tracking pixel host no longer gets the user's IP address or third party cookies.