 Readnotify. Spyware?
Wednesday, 24 August 2005
When I first heard of this from a colleague of mine, and based on her enthusiastic explanation, I thought it was just another shonky internet venture. But I was only partially right, it’s a little more sinister than that.
ReadNotify is a form of spyware, which allows paid subscribers to track any email they send to you.
From the ReadNotify website:
“ReadNotify is the most powerful and reliable email tracking service that exists today. In short ReadNotify tells you when email you sent gets read / re-opened / forwarded and so much more.”
Basically, once you’ve paid your money, all you have to do is add .readnotify.com to the end of the recipients email address. So, if you were sending an email to user@domain.com, you would send it to user@domain.com.readnotify.com and their mail servers would (after massaging the message headers) forward the email to your unsuspecting recipient.
Unless your intended recipient makes a habit of checking all email headers, they won’t even know your email is being tracked. The information which is tracked on your behalf apparently includes:
- Date and time opened
- Location of recipient
- Map of location
- Recipients IP address
- Apparent email address of opening
- Referrer details
- URL clicks
- How long the email was read for
- How many times your email was opened
- If your email was forwarded, or opened on a different computer
Although they claim that their product doesn’t breach any privacy regulations in any countries, it certainly is anything but ethical as far as I’m concerned.
Read that last bullet point above again. In other words: the sender of an email can find out who the recipient has forwarded the email to.
Is that ok with you? It’s not with me. So I took up their “free 30 day trial” offer and signed up to do a little investigation. Below are some of the email header fields which the ReadNotify spyware manipulates:
- Resent-From: snoop@hotmail.com.tgiwcoqnojrvdek.emsvr.com
- Notice-Requested-Upon-Delivery-To: snoop@hotmail.com.tgiwcoqnojrvdek.emsvr.com
- Return-Path: snoop@hotmail.com.tgiwcoqnojrvdek.emsvr.com
If you’re running spam filtering software, any of these three fields is worth blocking on.
REJECT = ^notice-requested-upon-delivery-to: .*\.emsvr\.com
As you can see, I just kill any message ending with .emsvr.com, before it even gets into my inbox.
|
Why are all you people suddently sending me emails?
Seriously though - if you forward an email you got to someone else, you have in fact commited an offence (under the copyright act) - just becuase you receive an email - does not suddenly make it yours.
And under the copyright act - the owner of the copyright (sender of the email) is granted rights to protect it, which happens to include making sure you don't forward it someplace without permission.
My apologies for the careless use of your name, John Smith. I have edited the post to use the generic user@domain.com instead.
I think everyone is right here.
But I am aware that my emails are not private as I intended to be when sent but I'll have to live with that (it seems) but I think when one puts in ones disclaimer that they use ReadNotify then the receiver can/must be aware that they may not misuse the received emails.
I think the rights of people who send an email to one another are higher and exclusive than the receiver from the email. Gather from this that one should also not like it when a snailmail letter is being read by others than the one it was send and intended to be for.
And yes, copyright and privacy between two people is paramount and may not be disclosed. One may think that the content of an email is not that important and can be made public as one thinks it to be as the receiver of that email. The sender may have other thoughts and feelings and does not want to spread their information or whatever all over the web planet.
So therefore I'll tend to go that ReadNotify is a service which deserves to be in place.
See what can be misused and shared by P2P and so on, can also be misused by email.
All the content in that mail and the attachments are granted for use by the receiver from that mail but I think it's always owned by the sender(s) from that email.
And many people are too stupid to read the headers etc and also the disclaimer they are often too stupid and too lazy to do so and they deserve to be treated this way. When one doesn't want to hear and read than one has to feel the punishment. But OK, somehow it stays Spyware alight I agree with that.
Basically I think that email programs like Outlook (Express) should have features like ReadNotify has, build in themselves.
I get fed up by people who don't want to press the YES or NO button when they are asked, to let the sender know they seen and opened their email. It is the same energy they spend to press either one of them. And why not give a sender peace of mind?
That is what I think, thanks for reading.
Ron,
Although I don't believe in censorship, I've been forced to run your comments through a spelling and grammar checker, as I've really struggled to make sense with a lot of what you had to say. I hope my corrections accurately reflect what it was you tried to say and please, in future, take note of our basic rules of commenting, which are shown on every comment form:
Other than that, I think you make some equally valid points. Where our opinions differ seems to be in the issue of choice. As far as you're concerned, the sender "owns" the email, and therefore has "higher rights". I believe that unless the sender has the receivers permission to track the email, then the sender has violated the receivers rights to determine the circumstances of the engagement.
I doubt you'll disagree with me when I say that unless the receiver knows up-front about the involvement of any third parties, then the sender is violating the receivers trust. In the case of the Readnotify "service", this is exactly what's happening because the receiver has to inspect the email headers to find out that Readnotify is tracking (and using) the information contained in the email.
Hello,
After reading the first message I felt I just had to comment.
I use Readnotify, and this is why: After a long period of time it was finally determined that someone with a lot of computer savvy was able to hijack some of my emails as well as gain access to my email account. With the personal information they gathered, I became a victim of identity theft. Many credit card accounts were opened in my name in another state and even two different countries. For almost 3 years I've been living a nightmare over this. Yes, I use Readnotify, but for only one reason; to be absolutely certain my emails are delivered to the intended recipients email server and not hijacked. Readnotify is only one line of defense I now have use to try and prevent this from happening again.
I am not interested where the receipent is located, how many times the email is opened, if it's forwarded, etc. My only concern is that they actually receive my emails.
Some may use Readnotify for creepy purposes, and it may be somewhat unethical. However, it is definitely unethical to steal someones identity and creating an unending hell. I only want to try and protect myself from the many criminals that are apparently out there. Its not a sevice I want to use, but feel I have to use.
I have informed many who know of my identity theft problems that I use Readnotify and they seem to understand.
I never ever post messages, however, I just wanted to contribute a different point of view as a user of Readnotify.
Please don't be too harsh, for unless identity theft happens to you, you can't possibly know what one has to go through. Yes, I'm trying to justify, but my experience has made me a bit parnoid regarding emails.
I apologize in advance for any grammatical or spelling errors.
Thank you.
One of my friends just installed this. As far as I can tell from reading readnotify.com it must some embed into the recepient's computer and reports back all kinds of stuff to readnotify.com. I got messages saying my registry had been changed but I can't find them. Do you know what programs or files one needs to eliminate on one's computer to be rid of this? PLEASE. I feel my privacy has been totally breached. Thank you.
ReadNotify tracks emails - it is not a program, and it does not change any settings or registry stuff on your PC.
When someone sends you an email - that email remains their property. If you do stuff with their email without their permission, you are technically commiting a copyright violation, which is why email owners are allowed to use tracking to protect their property on your PC.
Is there a phone number for ReadNotify. I would like to talk with someone there. I live in the US. Thanks
After cancelling my subscription to ReadNotify, I uninstalled the program but a fragment of the program appears each time I start my computer. Their tech support was of no help.
I ran the free trial and decided not to purchase because when I installed it, it wouldn't allow me to send e-mail from my yahoo account. It allows me to type it all up but won't allow me to click the send button. Now I have uninstalled it and it still won't let me send e-mail. Can someone please help?????
I use readnotify in my business practices to verify the receipt of email billings. Removes the ol "never got it" excuse. You can use it without installing any software on your workstation. Their software is only for quick linking back to your account and options for email sending. I had originally set my system to automatically add the notify extension, but had a few complaints and removed that setting. Now I only add it as needed.
how about spypig.com? anyone know anything about it?