25

Recently a free service came out for email tracking, bananatag.

It's able to track the fact that the email was read in gmail without any notice or strange inclusions in the email body. In this case I have two questions:

How can I block the bananatag?

How does actually this service work?

yoozer8
  • 810
  • 2
  • 7
  • 17
Igor
  • 587
  • 2
  • 5
  • 11

4 Answers4

25

It's all in the knowledgebase: https://web.archive.org/web/20140926051535/http://blog.bananatag.com/knowledgebase/how-opens-work/

We use the same technology as mass-email-marketing companies to track our Opens. This is achieved by inserting a small image in the message or Tracking Pixel into the message. When the image is downloaded you get an Open.

As a recipient of such a message who does not wish to be tracked you must either block image fetching from the bananatag servers (assuming they are easily identifiable), block images which look like tracking URLs or are smaller than a certain size, or simply block images altogether.

Dog eat cat world
  • 5,759
  • 1
  • 27
  • 46
mr.spuratic
  • 7,937
  • 25
  • 37
  • 8
    It is often difficult to block the image based on its size because you learn the size only when you have downloaded the image -- at which point it is too late. – Tom Leek Feb 15 '13 at 14:24
  • 2
    @TomLeek This is true, even doing a HEAD may count as a "hit". – mr.spuratic Feb 15 '13 at 15:10
  • 1
    And a HTTP HEAD request won't get you the image dimensions. It *might* get you the byte size of the payload data, but not much more. – user Feb 15 '13 at 15:25
  • thanks for pointing me out, we're making other experiments. It seems the person who sent me email before was marked as to accept all images in my account gmail. – Igor Feb 15 '13 at 15:33
  • You could take "size" to mean the `width` and `height` attributes of the image. If it's small enough that it probably isn't meaningful in a display manner, that's probably a good indicator that it has a different purpose. – yoozer8 Feb 15 '13 at 16:06
  • 2
    The `width` and `height` attributes are not mandatory and I expect tracking services to omit them altogether (or to set them to large values, which will have no adverse consequence for them if the image is a "background picture" and is transparent). – Tom Leek Feb 15 '13 at 16:17
12

If we're talking about gmail only:

  1. If it's a new sender you haven't conducted an exchange with (haven't sent an email and such), gmail doesn't auto-download images - you have to request it, like "Display Images" and such.
  2. If you do have regular contact with them, in gmail, go to the settings and select "Ask before displaying external content" under External Content. From there, you should have to confirm before you want images auto-previewed.

By the way, thanks for the question; I didn't know this was out there and I updated my settings appropriately.

Kprof
  • 221
  • 1
  • 4
  • 1
    This should be doable with other services and email clients as well. – Freiheit Feb 15 '13 at 18:56
  • @Freiheit Thanks; since I only use gmail, I can only confirm this for gmail; but there probably is something similar with other services (and if there isn't, something to request!). – Kprof Feb 15 '13 at 19:03
1

Another viable option is to not read mail in an HTML client - it's perhaps not ideal, but it does prevent files from being downloaded that you don't want to be.

warren
  • 659
  • 2
  • 8
  • 16
1

To escape bananatag tracking, dot not display pictures and do not click on the links within the email (they target a banatag server which then redirects you).

You can add some markup with Stylish to avoid an inadvertent click:

/* Add a big border around the tracking pixel */
img[width="1"] { border: thick solid red }

/* Add a border around banatag's evil links */
a[href^="http://s.bl-1.com"] { border: thin solid red }
BertS
  • 111
  • 1