Hi!
I recently moved to OS X and evaluate the combination of SpamSieve and Airmail.
So far both work pretty sweet, thanks for that!
But i do have a question though:
If i enable “Downlad Attachments” as recommended, and SpamSieve fails to catch a Spammail that has images to track users/emails, doesnt that mean that the Spammer can track that i opend the mail?
Can i use SpamSieve with Airmail without having to download attachments?
Downloading attachments refers to whether Airmail downloads the entire contents of the message, as received by your mail server. This enables SpamSieve to look inside the attachments to see whether they look spammy. This is perfectly safe, as Airmail is only communicating with your mail server, and the mail server has already received and stored the attachments.
Tracking images, also known as Web bugs, are not attachments. They are only referenced (not embedded) in the message. Loading remote images (as Apple Mail calls them) requires the mail program to connect to whichever Web server is storing the image, and this is where it’s possible for the spammer to tell that you opened the message.
Many thanks for your answer, Michael!
I was asking because i noticed Airmail was downloading all images embedded/referenced in a message and thought this was because of the “Download Attachement” setting.
As it is, i just found a setting in Airmail that was responsible for this behavior: “Always load images”.
So it’s safe to say that Airmail + SpamSieve is a pretty reliable Solution for me und you have a new paying SpamSieve customer
Your attachments automatically download. Whither or not it’s from a mail server, or a attacker. Your machine still downloads the threat… SpamSieve is required to download attachments before scanning. From a security stand point, this is not safe.
Here’s the Airmail attachment folder. Watch for yourself, the attachment downloads in realtime.
Macintosh HD ▸ Users ▸ jayfreeman ▸ Library ▸ Containers ▸ it.bloop.airmail2 ▸ Data ▸ Library ▸ Application Support ▸ Airmail ▸ jayfreeman@icloud.com_1 ▸ AttachmentsNg
/Users/jayfreeman/Library/Containers/it.bloop.airmail2/Data/Library/Application\ Support/Airmail/jayfreeman@icloud.com_1/AttachmentsNg
It matter that it’s downloaded from the mail server because that means that the attacker cannot tell your IP address or even that you read the message.
It’s safe to download an attachment file to your hard disk, analyze the file’s contents, and then delete it. At no point is any code in the file executed.
