Heebie, can you share which email provider you use? Curious only b/c AFAIK, Google goes to some trouble to ensure that what you see in gmail is all served from google's servers -- from what I understand, it re-renders the GIFs and other stuff, specifically in order to thwart some of the known attacks. [But I'm not an expert, so I could be wrong about how thorough/effective their measures are.]
If feel like I owe an apology to my boss back in 1998. I guess there is a reason to print your email.
Print it all, that is. And then have a secretary put it into folders for something called a "daybook".
2: There's a very good reason to have your secretary print out all your emails. You refuse to log on to a computer.
That attorney retired about 5 years ago.
You probably have HTML turned on in your email client. Turn HTML off and your email will not automatically load external sites (which can change). As a bonus you won't let spammers know you looked at their email.
5 is right. Technically the email--both on the server and the html delivered to your client--didn't change. It's just that there was an image link in the html to a resource whose content is generated dynamically, so each time you load the email in your client you could theoretically get a different image.
I know at least Floyd beds does this with the tracking info in their delivery notifications.
1: Yahoo. (I know. I'm so ashamed.)
5: Yes indeedy. This is one of those flashy, webby-looking emails, as well.
1 is potentially misleading - gmail (now) makes sure that images are proxied through it, so whoever sent it can't find out your network address when you read the message, but doesn't (generally) cache, so content can change and the sender can find out if and more-or-less when you looked at the message.
9: not quite.
https://wordtothewise.com/2013/12/gmail-deploys-image-proxy-servers/
https://gmail.googleblog.com/2013/12/images-now-showing.html
Per the first link, gmail was caching images starting Dec 2013, and per the second, it was scanning images at that same time.
In short, those proxy servers are caching proxies.
All my important correspondence comes from hidebound institutions like banks and nation-states, who want me to download PDFs. Sometimes I print them, even.
A dumb follow-up:
I decided to return the item. I went to the website and had them email me a return label, to print out at work. They sent it to my yahoo address. I verified that it arrived by opening the attachment to the email.
Last night, I forwarded the email with the label to my work account, so that I wouldn't forget to print it out.
Today the attachment opens just fine from my work email. It's been disabled or something from my yahoo account. FUCKERS.
OP, 8.2 and 12 together make me think the real question is what e-retailer did you buy this item from? Sounds like everyone should know so we can avoid it.
I just read this $today. I am suspicious that email messages in html and javascript can render differently in different viewing sessions, and achieve the anti-deju-vu depited in this post.
It's the CSS. You in-line a remotely hosted CSS resource, and replace it when you're ready, or make a web service that decides on the fly what CSS to send back based on your monstrous, sickening plans.
Like so: https://www.mimecast.com/blog/2017/08/introducing-the-ropemaker-email-exploit/