Most mature email clients have been through the wringer and are locked down to a reasonably tight subset of HTML. Especially if they have a "load remote resources" button -- you can usually expect that not pressing it will avoid any tracking risk rather than leaving you partially exposed like Evolution does.
> I suggested that maintaining a whitelist of allowed html tags and attributes, and stripping them before passing the email html onto a web browser would be a good defense in depth strategy
Are there any best in class HTML preprocessors that do this well? There are many use cases for displaying email content in e.g. CRM widgets where the underlying networking can’t be controlled. An iframe with a good CSP goes a long way, but as OP notes you want defense in depth!
Evolution lets you default to the plain text version of an email, even if it contains an HTML version [0], so if you have that setting enabled (which I do, and strongly recommend), it should hopefully reduce the impact of this issue.
[0] Edit > Preferences > Mail Preferences > HTML Messages > HTML Mode = Show plain text if present
The good news: even if you think the AI is good-for-nothing, rewriting HTML into legible plaintext is the one thing it can do pretty well. And probably even a 3B model would do well on this task, so you don't need to send the email body off to the cloud to be data-mined.
Oh, but gmail also reveals to tracking services (i.e. virtual deliverability manager from aws ses) that you opened an email even when you disabled loading images.
No reasonable person would ever think that Google preserves their privacy. Perhaps Google preserves it enough so they can sell whatever information they're hiding, but that's about it.
Obviously if you're reading gmail on the web or in the official phone app, then of course every click is observable.
But you can read gmail in thunderbird or any other email client, and in that case gmail still doesn't know anything more than that your client performed a sync, which it might be doing periodically at all times and so isn't meaningful.
HTML as a mail format is a horrifying mess. What you want is a rich text format for displaying static text and maybe some images and links and stuff. What we got is the entirety of the modern web application development environment stuffed into our mail clients, with maybe 1/100th the attention to standards compliance and bug fixing that real browsers get, and a metric ton of "Oh Wait Not That" workarounds to plug the obvious security gaps inherent in the "run web apps from any attacker who has your email address" metaphor.
This is one of the big reasons why email has pretty much died for casual use. Even in work environments almost everyone uses chat clients these days.
> This is one of the big reasons why email has pretty much died for casual use. Even in work environments almost everyone uses chat clients these days.
I don't see how this follows. Yes, HTML email fucking sucks. But most people are using Gmail, Outlook, Apple Mail, etc, all of which do a pretty good job at handling HTML emails - especially between each other. How do you go from "html emails are bad" to "html emails led to IM replacing email"?
In the 1990s it was common to exchange short, 1-line, emails - or even emails where the entire message fits in the subject line.
…you can still do that on internal email systems; but over the internet any kind of unsolicited short email will probably be dropped by Bayesian filters on the recipient’s side because the information-capacity of a short email is… well, short, making it harder to discern from short spam/attack emails.
Also, email clients are getting heavier and slower: (Classic) Outlook M365/2025/Etc somehow takes a grating 10+ seconds to fully load and warm-up on my brand new machine, while double-clicking an email to open it makes the whole thing awkwardly hang for 2-3 seconds, even when working offline. It’s given me a huge aversion to using email in general, so I’m not going to send a 1-liner via Outlook.
> Even in work environments almost everyone uses chat clients these days.
I'm not sure how this is better though. With chat clients you are completely locked into their ecosystem. Email at least is an open protocol and interoperable.
Not only does my mail usage not generate any outbound network traffic, nor follow any links, but I can also inspect and edit URLs without following them.
This has been true since the beginning of HTML email. It hasn't stopped it from proliferating. It hasn't stopped it from being de-facto mandatory, and has no chance of reversing the course now.
HTML is going to be inseparable part of e-mail for as long as e-mail lives, and yeah, it seems more likely than e-mail will die as a whole rather than get any simpler technically.
At this point we can only get better at filtering the HTML.
I'm pretty sure that the real reason is spam. Nobody is composing e-mail with complex designs to send their colleagues.
I feel like the major problem with almost everything that has a feed these days is the feed. Real state is a finite resource victim of the tragedy of commons: to be visible, you must post, but if others post, you are less visible, so to be even more visible, you post more, which prompts others to post even more, and anyone who doesn't play this game loses.
This happens with all feeds: chronological feeds on Tumblr, e-mail, RSS, etc.
One project I've seen that has tried a novel approach to this was https://fraidyc.at/ Essentially instead of putting all posts in a line, it's an RSS client that just tells you who has posted recently but not what they have posted.
Between my network ad blocker and VPN, I’m lucky for an email that is anything beyond formatted text to render properly anymore.
I’ve practically given up on clicking any sort of links from marketing emails as they are full of multiple redirect trackers. Which, is a shame, as these are obviously from companies I care to keep up with and support.
Email will always have its place, but I agree the default email experience we all know shouldn’t default to essentially a viewport.
Mine blocks any external resources unless you choose to download them with a button on the top of the email. Helps lower their ability to track as well, on top of the other precautions.
No kidding. If your org is large enough, you have to communicate with nontechnical people sometimes. Unless you're a Microsoft shop, they probably aren't using your chat platform of choice. Email is still the first stop where I work. Not to mention talking to people _outside_ of my org, which is _most_ communication for me.
Readit News
Are there any best in class HTML preprocessors that do this well? There are many use cases for displaying email content in e.g. CRM widgets where the underlying networking can’t be controlled. An iframe with a good CSP goes a long way, but as OP notes you want defense in depth!
[0] Edit > Preferences > Mail Preferences > HTML Messages > HTML Mode = Show plain text if present
How? Even if they write in HTML only there is nothing which could prevents a email client from just not rendering them which would mean plaintext.
This was a big announcement with Apple Mail Privacy Protection, included in iOS 15 (Sept. 2021). Sent marketers into a small panic.
If Gmail did so as well, should’ve been bigger news and figure they’d remind us we could disable the load remote content option.
Edit: one marketing site describes a new category of Apple Opens (vs. Human Opens), so sounds like the feature’s effective
But you can read gmail in thunderbird or any other email client, and in that case gmail still doesn't know anything more than that your client performed a sync, which it might be doing periodically at all times and so isn't meaningful.
This is one of the big reasons why email has pretty much died for casual use. Even in work environments almost everyone uses chat clients these days.
I don't see how this follows. Yes, HTML email fucking sucks. But most people are using Gmail, Outlook, Apple Mail, etc, all of which do a pretty good job at handling HTML emails - especially between each other. How do you go from "html emails are bad" to "html emails led to IM replacing email"?
…you can still do that on internal email systems; but over the internet any kind of unsolicited short email will probably be dropped by Bayesian filters on the recipient’s side because the information-capacity of a short email is… well, short, making it harder to discern from short spam/attack emails.
Also, email clients are getting heavier and slower: (Classic) Outlook M365/2025/Etc somehow takes a grating 10+ seconds to fully load and warm-up on my brand new machine, while double-clicking an email to open it makes the whole thing awkwardly hang for 2-3 seconds, even when working offline. It’s given me a huge aversion to using email in general, so I’m not going to send a 1-liner via Outlook.
I'm not sure how this is better though. With chat clients you are completely locked into their ecosystem. Email at least is an open protocol and interoperable.
Not only does my mail usage not generate any outbound network traffic, nor follow any links, but I can also inspect and edit URLs without following them.
HTML is going to be inseparable part of e-mail for as long as e-mail lives, and yeah, it seems more likely than e-mail will die as a whole rather than get any simpler technically.
At this point we can only get better at filtering the HTML.
I feel like the major problem with almost everything that has a feed these days is the feed. Real state is a finite resource victim of the tragedy of commons: to be visible, you must post, but if others post, you are less visible, so to be even more visible, you post more, which prompts others to post even more, and anyone who doesn't play this game loses.
This happens with all feeds: chronological feeds on Tumblr, e-mail, RSS, etc.
One project I've seen that has tried a novel approach to this was https://fraidyc.at/ Essentially instead of putting all posts in a line, it's an RSS client that just tells you who has posted recently but not what they have posted.
There is a use case of using HTML for transactional emails:
- enhance company branding with design - embed call to action items via hrefs
I’ve practically given up on clicking any sort of links from marketing emails as they are full of multiple redirect trackers. Which, is a shame, as these are obviously from companies I care to keep up with and support.
Email will always have its place, but I agree the default email experience we all know shouldn’t default to essentially a viewport.
But yeah, it's pretty horrendous by default.
Maybe in your bubble, but globally this is just false.