[MlMt] Download Images still downloads 1 pixel ones
Sam Birch
list.mailmate at munkynet.org
Mon May 9 17:31:09 EDT 2022
On 9 May 2022, at 12:32, Randall Gellens wrote:
> The difference between "Blocked" and "Strictly Blocked" is that the
> latter uses a list of known-undesirable sources?
I believe so.
> Given this, I assume the purpose of the warning that a 1-pixel image
> has been downloaded is to let the user know that the message whose
> embedded images were downloaded contains obvious trackers?
That’s my understanding.
> Yet, the message may very likely be from a "good" source but sent
> using a commercial mail distribution service which adds its own
> trackers.
I agree.
> It would be more helpful if the warning would add the source of each
> just-downloaded 1-pixel image to the "Strictly Blocked" list. Sort of
> a "Fool me once, shame on you; fool me twice, shame on me" thing.
Yes, that would be nice.
Benny has expressed vague interest in allowing users to manage the image
block/allow patterns through the UI, but I don’t think it’s a
priority currently. In the mean time, take a look at the advanced
preference `MmAllowedImageURLRegexp`.
I’ve been using this for years to unblock benign remote images, so
that I hardly ever feel the need to click the “Download” button. I
have a script that maintains it for me (but I have to add the patterns
manually). Here’s the script:
```perl
#!/usr/bin/env perl
use Modern::Perl;
use autodie ':all';
my @pats = (
'cid:',
'https://([A-Za-z0-9-]+\.)?s3[A-Za-z0-9-]*\.amazonaws\.com/',
'https://assets\.wildbit\.com/',
'https://www\.google\.com/s2/favicons\?',
'https://(images|links|www)\.mint\.com/',
#'https://github\.com/', # disabled because of
/notifications/beacon/
'https://assets\.sk-static\.com/',
'https://www\.zillow\.com/',
'https://(www|photos)\.zillowstatic\.com/',
'https://pumcgit\.prefutil\.local/',
'https://(?:[A-Za-z0-9-]+\.)?googleusercontent\.com/',
'https://gallery\.mailchimp\.com/',
'https://cdn-images\.mailchimp\.com/',
'https://www\.ups\.com/',
'https://connect\.gardnermuseum\.org/',
'https://media\.zipcar\.com/',
'https://maps\.googleapis\.com/',
'https://images\.craigslist\.org/',
'https://home\.sophos\.com/',
'https://media\.mlspin\.com/',
'https://www\.cvs\.com/',
'https://(?:[A-Za-z0-9-]+\.)?patreon\.com/',
'https://(?:[A-Za-z0-9-]+\.)?patreonusercontent\.com/',
'https://amherstcinema\.org/',
'https://files\.constantcontact\.com/9c1b9ffb601/', # Amherst
Cinema
'https://(cms|img)\.chewy\.com/',
'https://chirp\.media\.chewy\.cloud/',
'https://proxy\.harvestfiles\.com/',
'https://samhathaway\.harvestapp\.com/',
'https://www\.gardencinemas\.net/',
'https://img\.cnmhstng\.com/',
'https://d1a2o89e23clzw\.cloudfront\.net/emails/', # XConfessions
'https://cdn\.harrys\.com/',
'https://cdn\.shopify\.com/',
'https://cdn\.substack\.com/',
'https://mcusercontent\.com/',
'https://hilltownnetworks\.sonar\.software/',
'https://f\.e\.walgreens\.com/i/',
'https://mi\.walgreens\.com/p/',
'https://www\.walgreens\.com/images/',
'https://(?:[A-Za-z0-9-]+\.)?bcbits\.com/',
'https://bandcamp\.com/',
'https://www\.garnethill\.com/',
'https://(?:[A-Za-z0-9-]+\.)?scene7\.com/',
'https://static\.cdn\.responsys\.net/i2/responsysimages/quicken/',
'https://endeavorexperiences\.com/',
'https://image\.email\.bofi\.com/',
'https://services\.google\.com/fh/files/emails/',
'https://fonts\.gstatic\.com/s/i/googlematerialicons/',
'https://materials\.proxyvote\.com/Approved/IMAGES/',
'https://(?:[A-Za-z0-9-]+\.)?walmartimages\.com/',
'https://(?:[A-Za-z0-9-]+\.)?mjt.lu/',
'https://billpay\.schwab\.com/',
'https://cdn\.platinumcloud\.io/',
'https://d3k81ch9hvuctc\.cloudfront\.net/', # Simplehuman
'https://media\.wordfly\.com/isabellastewartgardnermuseum/',
'https://www\.etsy\.com/images/email/',
'https://img\d*\.etsystatic\.com/',
'https://i\.etsystatic\.com/',
'https://cascade\.madmimi\.com/', # Gonzalez and Associates
'https://d1lggihq2bt4jo\.cloudfront\.net/', # Gonzalez and
Associates
'https://www\.dreamwidth\.org/img/',
'https://github\.githubassets\.com/',
'https://www\.fastmail\.com/images/emailtemplates/',
'https://www\.chase\.com/content/dam/chaseonline/en/alerts/images/',
'https://static1\.squarespace\.com/static/',
'https://image\.e-mail\.amtrak\.com/',
'https://images\.ctfassets\.net/',
'https://d15k2d11r6t6rl\.cloudfront\.net/', # Plex
'https://media\.sailthru\.com/',
'http://image\.sfmc\.petfinder\.com/',
'https://image\.email\.ticketmaster\.com/',
'https://t\.vitacost\.com/images/',
'https://static\.airtable\.com/',
'https://live\.staticflickr\.com/',
'https://combo\.staticflickr\.com/',
'https://bbeditbeta\.slack\.com/',
'https://secure\.gravatar\.com/avatar/',
'https://[A-Za-z0-9-]+\.slack-edge\.com/',
'https://static\.xx\.fbcdn.net/',
'https://scontent\.xx\.fbcdn\.net/',
'https://www\.paypalobjects\.com/',
'https://p\.ebaystatic\.com/',
'https://i\.ebayimg\.com/',
'https://rxhealthalerts\.com/[^/]+.png',
'https://www\.chase\.com/content/dam/email/images/',
'https://static\.chasecdn\.com/content/services/rendition/',
'https://image\.link\.hellofresh\.com/lib/',
'https://cdn\.hellofresh\.com/',
'https?://mi\.hellofresh\.com/',
'https://cash-s\.squarecdn\.com/static/',
'https?://www\.ti\.com/content/dam/tinews/images/',
'https?://www\.ti\.com/webemail/graphics/',
'https://www\.ti\.com/graphics/',
'https://images\.marketing\.ti\.com/EloquaImages/clients/TXInstruments/',
'https://image\.email\.schwab\.com/',
'https://images\.sk-static\.com/images/',
'http://ordermanager\.spalding-labs\.com/themes/images/email_template/',
'https://updates\.mailmate-app\.com/icons/',
);
my $pat = '(' . join('|', @pats) . ').*';
system "/usr/bin/defaults", "write", "com.freron.MailMate",
"MmAllowedImageURLRegexp", "-string", $pat;
```
I edit the script in BBEdit (usually to add a pattern to `@pats`), save,
and then use #! → Run to actually update the plist.
Hope someone finds this interesting.
-sam
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freron.com/pipermail/mailmate/attachments/20220509/dddf6eb6/attachment-0001.htm>
More information about the mailmate
mailing list