Mail Tracking

It seems there is growing trend of tracking emails one sends. As an example, using a browser add-on – take a look at MAILTAG

They track you and your recipients and they share the collected information with you. That’s it!

What you usually get

You’ll know when your recipients will open your email and, optionally, if they clicked any link in that email you sent.

First when I heard about it, promoted by a Youtube channel that teaches web programming, it just sounded gross to me.

So I decided to write about it. I will try to describe the technique so you’ll understand what you are doing when you use such service.

How it generally works

The technique used is by inserting tracking code into sent emails. For example they would insert a transparent one pixel image with and ID parameter representing the email you are sending. This invisible image loads from their servers and they can tell when the mail was open and how many times. They’ll share that information with you.

To track links they would need to alter all of them in your sent email to point somewhere else where they can count clicks and later redirect to the original link.

They’ll know all the links from all email you sent and when your recipients clicked on them. The latter info they’ll share with you. The former you know already.

How to prevent being tracked

  • disable loading external images in all your email clients
  • don’t click on links unless you checked where they point
  • (most probably) ad blockers like uBlock Origin will block such links. This is not effective for standalone email clients
  • block mail client outgoing connections, but to the mail server
  • use mutt or alpine

Next available IP or Subnetwork with PostgreSQL

Calculates next available IPs or subnetworks.
You’ll need to have a table with used IPs and subnetworks defined similar to the one bellow.

    remote_addr CIDR NOT NULL CONSTRAINT ip_remote_addr UNIQUE

How it works

  • generates series of networks of length new_ip_mask_len inside the given ip_address/mask network and checks if they are available. This means there is no other (sub)network from the generated ones inside the ip table AND there is no network with the same prefix (even a bigger one) @see last where clause
  • hardcoded vars are as example, use ? bind variables from your ORM instead
  • for a single IP set the mask new_ip_mask_len to 32, duh

The SQL code

SELECT new.addr FROM ( 
    WITH vars AS (
            ''::varchar ip_address, 
            '24'::integer mask, 
            '29'::integer new_ip_mask_len
    ),   vals AS (
            ( host(network((vars.ip_address || '/' || vars.mask)::inet)) || '/' || vars.mask )::cidr AS subnet,
            ( 2 ^ ( 32 - mask ) )::integer - 2  AS max,
            ( 2 ^ ( 32 - new_ip_mask_len ) )::integer AS step
        FROM vars
    SELECT set_masklen(
        (generate_series(0, max, step) + subnet)::inet,
    ) AS addr FROM vals
) AS new
    SELECT FROM ip ip 
    WHERE new.addr >>= ip.remote_addr OR host(new.addr) = host(ip.remote_addr)