Google takes on spammers by caching all Gmail images on its servers

By , Dec 12, 2013

Google inline images teaser

Doesn’t it bother you that Gmail on the web and mobile puts up the Show Images link at the top of your email messages that contain images, like HTML newsletters? That message will be no more real soon as Google changes how Gmail handles images in emails.

According to the official Gmail blog, both Gmail on the web and Gmail for the iPhone and iPad (and Android) will now let you see all Gmail images automatically.

Moreover, the linked images will no longer load from their original external host servers and will instead be served through Google’s own secure proxy servers. And because the images will be checked for known viruses or malware, the change will make Gmail safer and more secure, the search monster argued…

Here’s what I’m talking about.

Google inline images animation

Google’s servers are crazy fast so those Gmail messages should load faster than ever.

On the downside, the upcoming feature could concern users worried about privacy as Google will be technically modifying the contents of your email messages in order to re-link images to their counterparts on Google’s servers.

I, for one, am hoping that the change will also protect us against images used for viewer tracking and marketing campaigns. Marketers often used dirty little tricks to tell whether you’ve seen their messages, such as tracking image content pull requests as you open their emails.

Google acknowledges as much:

In some cases, senders may be able to know whether an individual has opened a message with unique image links. As always, Gmail scans every message for suspicious content and if Gmail considers a sender or message potentially suspicious, images won’t be displayed and you’ll be asked whether you want to see the images.

The company argues that senders won’t be able to use image loading to get information like your IP address/location or set/read cookies in your browser. At worst, marketers will be getting positive hits on every single image from every single email they send to Gmail addresses.

And should Gmail consider a sender or message potentially suspicious, images won’t be displayed and you’ll be asked whether you want to see the images.

There’s a healthy discussion brewing over at HackerNews on whether or not Gmail will blow up email marketing by caching all images on its servers so give it a read if you want to educate yourself on the topic.

According to ArsTechnica, “unless you click on a link, marketers will have no idea the email has been seen”. Unfortunately, I don’t think that will stop spammers who use the unique tracking URL technique for inline images.

Google says you can always turn off image caching be ticking the Ask before displaying external images box under the General tab in Gmail’s Settings interface on the web. That option will also be the default for users who previously selected Ask before displaying external content.

Google (web Settings, inline images)

This will switch you back to authorizing image display on a per-message basis.

Of course, you can always tell Gmail you’d like to see images from a particular sender by clicking Always display images from sender@domain.com in the green box above your message.

To prevent auto-load for email images on a per-sender basis, open a message from a specific sender, click the show details icon below the sender’s name and then hit the Don’t display from now on link.

But what about mobile?

At any rate, I’ll be keeping my fingers crossed for an option to download images Only When On Wi-Fi for the iPhone and iPad app because I’d hate to see those image-heavy newsletters and PR pitches eating into my cellular data plan. And while we’re at it, how about a quality setting so I could tell Gmail to downsample high-resolution images (as in, optimized for Retina screens) when accessing Gmail on a cellular connection.

The new image handling will rollout to desktop users today, and it should hit mobile iOS and Android apps sometime in early 2014, the company confirmed.

Gmail is free in the App Store.

What say you?

Is this change going to affect email marketers and spammers?

  • Share:
  • Follow:
  • ✪ aidan harris ✪

    “And because the images will be checked for known viruses or malware, the change will make Gmail safer and more secure, the search monster argued…”

    Can an image really contain a virus or malware? Perhaps it could link to a virus or malware but I’ve never heard of an image actually being a virus or a form of malware.

    Also wouldn’t serving the images via a proxy server allow for Google to modify the images or even completely replace the images should they want to?

    • Julio Cesar

      There’s several ways to “bind” image and virus files together…

      • ✪ aidan harris ✪

        Care to elaborate? It all sounds very technical and extremely hard to pull off (assuming it is possible). I’ve heard of exploits involving GIF images but that is all. Assuming this is a common thing I’d love to find out more about it and how it is performed and can be prevented…

      • Julio Cesar

        Not really, it’s quite simple…
        Just have to open a software and select two files… Done.

      • ✪ aidan harris ✪

        I could understand if those two files were executable files but surely no good email client should be running executable code from an image file?

      • Julio Cesar

        You’re not getting the point…
        They can bind a image and another file… Right?
        You just download the image to see it bigger.
        You open the file and you got infected.

        You can’t get infected by just seeing the the image in the webpage or email client…

      • ✪ aidan harris ✪

        “You’re not getting the point…You can bind a image and another file… Right?
        You just download the image to see it bigger.

        You open the file and you got infected.”

        Surely this is nothing to do with an email client though. If that was to happen that would be to do with the operating system which unless its Chrome OS or Android should be of no concern to Google. My point was what Google is doing seems overkill for what an email client should be doing…

      • Julio Cesar

        hum, yes, but they may end up being blamed for allowing the sending and receiving this kind of thing.

      • John

        JPG files have also been known to contain viruses inside them

  • Jonathan

    Might you want to blot out that person’s email?

  • Fraz

    So google will have access to all our pictures as well? -.-

  • ticky13

    “I, for one, am hoping that the change will also protect us against images used for viewer tracking and marketing campaigns. Marketers often used dirty little tricks to tell whether you’ve seen their messages, such as tracking image content pull requests as you open their emails.”

    How is this dirty and how does it affect you? No different to this website using cookies to track who visits.