How to block Gmail from displaying images in emails by default

images are not displayed

Most email providers and programs nowadays do not display images and other data linked to third party servers by default when you open emails on their websites or in email clients.

If you are using Thunderbird for example, you will receive a "show remote content" notification if an email attempts to load contents from an external server.

The core reason why it is handled this way is privacy, as remote connections, for instance to load an image from a third party server, may reveal information about you.

So called header information are included in each transfer, and each header may reveal information about your operating system or language. In addition,  since a connection is made, your IP is usually also logged by the remote server.

That is not a problem if the email was sent by a friend or someone you trust, but spammers use the same method to retrieve information about you.

Block images on Gmail

Gmail up until now displayed an "Images are not displayed" notification for emails that contained images. The system provided you with options to display the images below, and to whitelist the sender of the email so that images would be displayed automatically in future emails.

Google announced a change to the way images are handled on Gmail.  Starting with today, images are automatically displayed in emails thanks to a new proxy technology that it has implemented on the site.

Images that are included in emails are transferred through a proxy automatically by Gmail, and virus checked among other things, so that they are not loaded directly from a remote server when you open the email, but from a Google server instead.

This effectively removes the need to connect to a remote server when images are included in emails that you read on Gmail.

While it is certainly improving the privacy, some users may be inclined to turn the new feature off for two main reasons:

  1. The images run through Google servers before they are displayed to Gmail users in emails. It is not clear if they are cached by the process as well.
  2. Since images get loaded automatically, it may take longer to display emails on the Gmail website.

Gmail users who did enable the "Ask before displaying external content" option explicitly on Gmail, will have the "ask before displaying external images" option enabled by default.

Everyone else needs to enable it under Settings > General before it becomes the active preference.

Doing so will block images from being displayed inline automatically when you view emails that contain images.

For now, it appears that Google is loading the image when you access the email, which in turn provides the sender with that information. It does however strip the user-agent headers, the user's IP address and cache-control headers from the response.

Closing Words

A proxy  is definitely a solution against spammers and marketers that try to collect information about users by loading contents from third party servers. It has the side-effect that many "check if the email was read" services that use images to do so won't work anymore if the recipient is a Gmail user and using the Gmail interface.

It is not clear if the new image proxying technology is also working when Gmail users are using third party clients to retrieve emails, or if those services and clients are exempt from this.

The feature is currently being rolled out for all desktop users of Gmail. Mobile users will receive the update in the beginning of 2014.

facebooktwittergoogle_plusredditlinkedinmail


Filed under:

Responses to How to block Gmail from displaying images in emails by default

  1. Cassie December 12, 2013 at 11:12 pm #

    With this rollout, we are experiencing a "bug" I believe with images just not showing up at all in our emails. Wondering how quickly they are going to fix this!

    • Martin Brinkmann December 13, 2013 at 7:38 am #

      That's strange. It is likely that this will get sorted out soon. Have you tried disabling the feature in the settings?

    • catarina December 14, 2013 at 1:17 am #

      my husband keeps hacking into my accounts and he keeps from my emails he blocks everything can u block him from my stuff

  2. imu December 15, 2013 at 1:26 am #

    Nice tool to test what is going on inside your email, which of your action pulls the trigger etc.
    Check it: hxxps://emailprivacytester.com

  3. mscha December 16, 2013 at 4:41 pm #

    > It has the side-effect that many "check if the email was read" services that use images to do so won't work anymore if the recipient is a Gmail user and using the Gmail interface.

    They most certainly *will* work, and even better after this Gmail change. :(
    Marketing mails almost always contain a "tracking pixel" with a unique URL. This is now loaded, via the proxy server, as soon as you open the mail. So marketeers now get "this message has been opened by this user" far more often for Gmail users. (They won't get any additional info, like IP address and user agent.)

    But oh boy, at least I know the JPEGs in my mail are virus free, I was so worried about those... :P

    • Martin Brinkmann December 16, 2013 at 5:30 pm #

      right, I forgot to remove that passage when I updated the article with those information. Since Google is requesting the image when the user access the email, it is not really helpful in this regard at all.

  4. John Smith December 17, 2013 at 4:29 pm #

    I'm having the reverse problem. I've always had 'ask to display images' turned on in the settings (ie. images don't automatically load). With this new Gmail 'feature', my setting was automatically changed to display images, i immediately turned it off but images in Gmail are still displaying regardless. I now have to click the 'details' setting on every email and click the 'do not display images from this user', for every single email!

    Incredibly frustrating and i'm getting annoyed at the amount of changes Google keep making that i never asked for, never use and have no option from Google to change back, i've had to install various third party extensions to change Google and Gmails settings back to the way they were. I can never understand why companies feel the need to change and update a perfectly fine system just for the sake of change without any input from the actual users themselves.

  5. J February 4, 2014 at 12:12 pm #

    I wish I'd known about these "open tracking" programs before I opened a couple of emails from someone I really want out of my life. Just out of curiosity, is there a way you can tell if someone used one of these services on you?

    Thanks in advance for any help you can provide.

    • Martin Brinkmann February 4, 2014 at 1:07 pm #

      No, that is not really possible, unless they have used a service that is openly advertising this. Just check the image source of each image to find out about the domains they have been loaded from.

      • J February 4, 2014 at 9:42 pm #

        OK, thanks for your advice!

Leave a Reply

Subscribe without commenting