by rafBM 1904 days ago
CTO at Missive here. Thanks @pimterry for summing it up nicely. A note about the User-Agent: we do not forward it to the origin server as @mike-cardwell said. Our proxy always passes an iPhone User-Agent as a “lowest common denominator” to ensure CDNs won’t serve WebP images.

Hi, I work in the tracking space, specifically first party trackers. This approach is not effective.

Here are the reasons: 1) rarely care what client the user views the email in; 2) any request to the server is enough information to identify the user, email, and open/received; 3) a tracking pixel is an antiquated form of tracking; 4) the list provided doesn’t include some big names (FB for one).

The only effective way to stop the tracking, that I’m aware of, is to cache the result of the request. Even that doesn’t stop newer techniques. Instead what you need to do is to cache the request and then apply a model to determine if a similar request leads to a similar result for other users and serve that from the cache. To the best of my knowledge no one has built that yet, and could probably be circumvented.

Blocking "known" trackers is always going to be a cat-and-mouse game, though. Blocking all 1x1 images and similar would help as well, if you're doing that. But I'd still be concerned about spam that's using remote images for "this email address exists and a human reads it" verification. I'd also be concerned about read-receipt services, especially those that might support self-hosting rather than using a central service that you can easily identify.
By the time you check if the image is 1x1, you've already downloaded it.

The alternative expensive solution is to download EVERY image a user receives and store it indefinitely. That way the trackers aren't any more useful than "was the email received".

In short, I'd love a better solution to "load all images" vs "load no images" but that's where I ended up talking to our frontend engineer at Fastmail. Obviously he had thought about the problem a lot more than me (I do operations not any frontend) and there's no easy solution.
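To make the two defensive ideas in this thread concrete (a proxy that replaces the client's headers with one fixed "lowest common denominator" User-Agent, as the Missive comment describes, and a cache so that repeated opens never reach the origin again, as the caching comments describe), here is an added example. It is not code from Missive, Fastmail or anyone in the thread; `ImageProxy`, `FakeOrigin`, the User-Agent string and the sample image bytes are all constructed for this illustration, and the origin is an in-memory stub so the script runs offline. It also shows the point made above that a 1x1 check can only happen after the bytes have been fetched: the dimension parser reads the PNG IHDR / GIF logical-screen header of data that has already been downloaded.

```python
import hashlib
import struct
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Tuple

# Placeholder "lowest common denominator" User-Agent (constructed, not Missive's real string).
FIXED_UA = "Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) PlaceholderProxy/1.0"


@dataclass
class FakeOrigin:
    """Stand-in for the tracker's web server: records every request it sees."""
    content: Dict[str, bytes]
    requests: List[Tuple[str, Dict[str, str]]] = field(default_factory=list)

    def fetch(self, url: str, headers: Dict[str, str]) -> bytes:
        self.requests.append((url, dict(headers)))
        return self.content[url]


@dataclass
class ImageProxy:
    """Hypothetical mail-client image proxy: fixed UA, no client headers, cached bodies."""
    fetcher: Callable[[str, Dict[str, str]], bytes]
    cache: Dict[str, bytes] = field(default_factory=dict)

    def fetch(self, url: str, client_headers: Dict[str, str]) -> bytes:
        key = hashlib.sha256(url.encode("utf-8")).hexdigest()
        if key in self.cache:
            # Second and later opens are served locally: the origin sees nothing.
            return self.cache[key]
        # client_headers (real UA, cookies, Referer, Accept) are deliberately dropped;
        # only the fixed UA goes out, so the origin cannot fingerprint the client.
        body = self.fetcher(url, {"User-Agent": FIXED_UA})
        self.cache[key] = body
        return body


def image_dimensions(data: bytes) -> Optional[Tuple[int, int]]:
    """Parse width/height from a PNG IHDR or GIF logical-screen descriptor."""
    if data[:8] == b"\x89PNG\r\n\x1a\n" and len(data) >= 24:
        return struct.unpack(">II", data[16:24])   # IHDR width, height (big-endian)
    if data[:6] in (b"GIF87a", b"GIF89a") and len(data) >= 10:
        return struct.unpack("<HH", data[6:10])    # logical screen width, height (little-endian)
    return None


def looks_like_tracking_pixel(data: bytes) -> bool:
    """True for a 1x1 (or smaller) image; only decidable once the bytes are in hand."""
    dims = image_dimensions(data)
    return dims is not None and dims[0] <= 1 and dims[1] <= 1


# Constructed sample images: a 1x1 PNG header and a 200x100 GIF header.
PNG_1X1 = b"\x89PNG\r\n\x1a\n" + b"\x00\x00\x00\x0dIHDR" + struct.pack(">II", 1, 1) + b"\x08\x06\x00\x00\x00"
GIF_200X100 = b"GIF89a" + struct.pack("<HH", 200, 100) + b"\x00" * 7


def demo() -> dict:
    origin = FakeOrigin(content={
        "https://tracker.example/open.png?id=abc": PNG_1X1,   # constructed URL
        "https://cdn.example/banner.gif": GIF_200X100,        # constructed URL
    })
    proxy = ImageProxy(fetcher=origin.fetch)
    leaky_headers = {"User-Agent": "RealMailClient/9.9", "Cookie": "session=xyz"}

    pixel_url = "https://tracker.example/open.png?id=abc"
    first = proxy.fetch(pixel_url, leaky_headers)
    second = proxy.fetch(pixel_url, leaky_headers)   # cache hit, no origin request
    banner = proxy.fetch("https://cdn.example/banner.gif", leaky_headers)

    return {
        "origin_requests_for_pixel": sum(1 for u, _ in origin.requests if u == pixel_url),
        "ua_seen_by_origin": origin.requests[0][1].get("User-Agent"),
        "cookie_leaked": any("Cookie" in h for _, h in origin.requests),
        "pixel_flagged": looks_like_tracking_pixel(first) and first == second,
        "banner_flagged": looks_like_tracking_pixel(banner),
    }


if __name__ == "__main__":
    print(demo())
```

The cache keys on the URL alone, which is why a per-recipient tracking URL still reveals the first open: caching only suppresses the repeat opens, exactly the limitation the thread points out.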