Helping people with computers... one answer at a time.

Can someone who's sent a mail to my Hotmail address tell what IP address I actually read it on?

Maybe.

Or, to put it another way, if you're not careful, absolutely. And they might even be able to tell when. And it's not just Hotmail.

I know this seems like it contradicts what I've said elsewhere: email cannot be traced. Let me explain.

First, here's how it happens, if you're not careful:

  • If the email is in HTML format, and

  • If the sender, in that email, references images from a server that the sender controls, and

  • If you, the recipient, allow images to be shown in the mail you read

  • then the sender can see what IP address you were at when you viewed the email, and at what time you viewed the email. Of course they cannot tell whether you actually read it, only that the message was displayed.

Let me take each of those in order.

HTML formatted email is a very common way to display formatted messages. If a message has different fonts in it, uses bold and italics, color and so on, then it's probably an HTML formatted message. HTML is the technology behind web pages, but because it's become so ubiquitous, it's now being used for email messages.

One of the things you can do with HTML is embed a picture in your web page, or in your HTML formatted email. For example, this is a picture of a Hotmail warning:

Hotmail Disabled Content Warning

Regardless of where or how you view this page - in email or on the web - that image is encoded in the HTML such that it will be fetched from my server. If you were viewing this as an email message, using my server logs, I can see what IP downloaded that image, and when - effectively I can see when and from where you read your email.

Now, note the warning message shown in that example image: "Hotmail has disabled some of the content of this message for your protection". What Hotmail and most other mail programs do by default is prevent remote images from being fetched. That means that if I've encoded an image into an HTML mail, the mail programs won't even try to get it by default. If they don't actually get the image, then you won't see it, of course, but I also wouldn't be able to see anything about your having viewed that email.

Of course as soon as you say "show images" (or "enable all content" or whatever terminology your mail program uses), it'll go fetch the image from my server.

It's important to note that the image may not actually be visible, even if you do show it. So called "web bugs" are typically 1 by 1 pixel transparent images - essentially invisible. But they are images, and can be referenced remotely in email. Once fetched, the person who encoded the email can then see whether or not the email was opened, when, and by what IP address. It's a common tool email publishers use to track aggregate delivery and open rates for mailing lists.

So let's run down that list again:

  • If the email is in HTML format: none of this applies to plain text email - only rich text such as HTML formatted email has this issue.

  • If the sender's email references remote images: It's not enough to be rich or HTML email, the email must make some kind of a remote reference in order to be tracked, and an image or "web bug" is the simplest.

  • If you allow images to be shown: most mail programs will default to not showing pictures, so unless you turn images on, you're not giving away any information.

  • "In general, as long as you're careful to only display images in email you receive from known, trusted, sources, you're in good shape."

    then the sender can see the IP address and when the mail was viewed. Which, really doesn't tell them very much either. It's extremely difficult to track down an IP address to a specific person or machine. However spammers will often use this to 'tag' you ... they won't know specifically who you are, but they will know, for example, that "hey, that email address opened up my email! We got us a live one! Let's send more spam! LOTS MORE!"

In general, as long as you're careful to only display images in email you receive from known, trusted, sources, you're in good shape. And any good email program won't display images until or unless you tell it it's ok to do so.

So if all this tracing is possible, why do I say that tracing doesn't work?

Even though it's possible, if you're a sender of email, you simply cannot count on it working, and the information isn't all that useful for specific tracing if it does.

As we've seen, email programs don't display remote images by default. That means as a sender, you get nothing - unless the recipient decides you're trustworthy and enables your images.

And even if you do get the IP address, as I've discussed in several different articles here, the IP address is almost useless in determining exactly who read the mail, or where they might have been at the time.

So as a sender, actually trying to trace a specific piece of email is so unreliable as to be effectively useless.

A word about receipts.

Many email programs allow you to configure a "Read Receipt Request" or a "Delivery Receipt Request" with an outgoing message. The intent is that when the recipient of that email reads the mail, another email message is generated automatically back to the sender indicating that the mail has been read.

For all practical purposes it does not work. Much like displaying images, most email programs either ignore these requests, or at a minimum, ask first before sending any automated reply. Most people should, and do, say "no".

If, by some chance, you allow a read receipt to be sent, then yes, you are allowing your IP address to be discovered, along with the time at which you opened the email.

Article C2644 - May 5, 2006 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

6 Comments
Greg Bulmash
May 5, 2006 8:01 PM

I heard a great name for the software that purposefully inserts graphics (or "bugs") in e-mail to get information on who opened the e-mail and what their IP address is... "ratware". Furthermore, the graphic can have a unique ID code in the filename so that the person can not only tell the e-mail was opened, and what your IP address is, but associate that IP address and action with your e-mail address.

One of the reasons many of the major mail clients and mail providers stopped showing graphics in e-mails was because of this. You've probably been told: "don't unsubscribe from spam, because it confirms your address is valid, that you open spam, and you'll just get more."

Okay, so people wised up and stopped unsubscribing. Then spammers realized they could use this trick to verify that your address was good and that you open spam.

So now you have to approve the display of graphics in HTML e-mails on a case-by-case basis.

Sheesh.

shahzad
May 6, 2006 6:46 AM

my mail and their fill all abour my bio data form with sinepts is presents here if you want i can give and i have remember of my personal signature of my account ham47@hotmail.com

hellboy
June 20, 2007 10:18 PM

hey greg bulmash,

does the ratware work efectively? can u plz give me the link for downloading the ratwre tool...

ellen
February 21, 2008 2:28 PM

This is very interesting, it gives new meaning to "opening a can of worms"

How are you able to view an image without leaving information that a hacker or person can obtain illegally?

jay
March 10, 2009 6:06 AM

I copied a link to send to other recipients instead of just forwarding the email sent to me. Well,when I sent it to my son I realized the link went directly to the email in my inbox! Giving the recipient access to my email!
Why does it do that? Do I just have to forward everything that has been sent to me that I want to share with others?

Only if they know your password, since they'd have to login first. (I assume this is webmail.)
- Leo
10-Mar-2009

brenda
July 18, 2010 12:44 PM

i can across this email tracked called spypig and it tells when and where the email was opened BUT is it foolproof??? does it actually work because i have used it several times on different men from foreign countries.can i rely on this email tracking system??? check it out and reply back to me ASAP!!!!!!!!!!!!!!!!!!

These systems are not foolproof, not 100% reliable and can be easily sidestepped. In fact most email programs are configured by default to sidestep the most common tracking techniques.
Leo
20-Jul-2010

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to http://askleo.com/ask to ask your question.