apparition47 / MailTrackerBlocker

Email tracker, read receipt and spy pixel blocker plugin for macOS Mail (10.11-13.x)
https://apparition47.github.io/MailTrackerBlocker/
BSD 3-Clause "New" or "Revised" License
1.11k stars 22 forks source link

Add option to report detected trackers #78

Open j-f1 opened 3 years ago

j-f1 commented 3 years ago

Since it’s possible that someone will use a new tracking service, it would be awesome if there was a way to scan all loaded images to see if they’re 1x1. This could then result in a red X being displayed, with an option to report either the entire email or just the img tag as an issue for inclusion in future releases.

apparition47 commented 3 years ago

It's supposed to catch those 1x1 images. I'm looking into your other issues on why it isn't happening for those cases.

Right now, reporting is manual (sending me the raw eml is best). If we were to have a report feature, not sure how to handle the privacy part of it yet since emails can have sensitive information that people could manually redact otherwise

m-schmitt commented 2 years ago

I second an option to report an email that contains one or more unidentified trackers. The option would only be on emails with the grey x, and would need to be requested per email to report. It would send the raw .eml in a way that doesn't compromise privacy more than manually sending. (In fact, it would be a little better since the function could encrypt the email for transmit.)

The option could display a dialog the first time it is used, warning that the contents of the email would be viewable by the MailTrackerBlocker development team. I'd suggest an option to disable the warning for future uses, but I'd accept getting the warning every time.

One idea is for the reporting dialog to have a check box for whether the user is OK with the email being retained permanently (as a regression test case), or wants it just to be used to identify the missing tracker and then deleted.

The point is that if a user is willing to go the manual route then it would be easier if this were a one-click-to-report option.

oneofthedamons commented 2 years ago

Minimising what is sent may go some way to addressing the privacy issues. I imagine all that is needed to identify and attribute the tracker/s are some of the content and envelope SMTP headers, and the offending <img> element/s from the body?

I'd suggest removing all email addresses from the content and envelope headers, and including only the offending <img> element/s from the body. The recipient's address will be littered all over the headers (not just the content To: or possibly Cc: headers, but also in the Received: headers added by mail transport agents, and possibly custom headers added by the mail delivery agents such as X-Resolved-To: and X-Delivered-To: — Cyrus seems to add these to everything delivered to me, for example).