How to block Gmail from displaying images in emails by default
Most email providers and programs nowadays do not display images and other data linked to third party servers by default when you open emails on their websites or in email clients.
If you are using Thunderbird for example, you will receive a "show remote content" notification if an email attempts to load contents from an external server.
The core reason why it is handled this way is privacy, as remote connections, for instance to load an image from a third party server, may reveal information about you.
So called header information are included in each transfer, and each header may reveal information about your operating system or language. In addition, since a connection is made, your IP is usually also logged by the remote server.
That is not a problem if the email was sent by a friend or someone you trust, but spammers use the same method to retrieve information about you.
Block images on Gmail
Gmail up until now displayed an "Images are not displayed" notification for emails that contained images. The system provided you with options to display the images below, and to whitelist the sender of the email so that images would be displayed automatically in future emails.
Google announced a change to the way images are handled on Gmail. Starting with today, images are automatically displayed in emails thanks to a new proxy technology that it has implemented on the site.
Images that are included in emails are transferred through a proxy automatically by Gmail, and virus checked among other things, so that they are not loaded directly from a remote server when you open the email, but from a Google server instead.
This effectively removes the need to connect to a remote server when images are included in emails that you read on Gmail.
While it is certainly improving the privacy, some users may be inclined to turn the new feature off for two main reasons:
- The images run through Google servers before they are displayed to Gmail users in emails. It is not clear if they are cached by the process as well.
- Since images get loaded automatically, it may take longer to display emails on the Gmail website.
Gmail users who did enable the "Ask before displaying external content" option explicitly on Gmail, will have the "ask before displaying external images" option enabled by default.
Everyone else needs to enable it under Settings > General before it becomes the active preference.
Doing so will block images from being displayed inline automatically when you view emails that contain images.
For now, it appears that Google is loading the image when you access the email, which in turn provides the sender with that information. It does however strip the user-agent headers, the user's IP address and cache-control headers from the response.
Closing Words
A proxy is definitely a solution against spammers and marketers that try to collect information about users by loading contents from third party servers. It has the side-effect that many "check if the email was read" services that use images to do so won't work anymore if the recipient is a Gmail user and using the Gmail interface.
It is not clear if the new image proxying technology is also working when Gmail users are using third party clients to retrieve emails, or if those services and clients are exempt from this.
The feature is currently being rolled out for all desktop users of Gmail. Mobile users will receive the update in the beginning of 2014.
Advertisement
With this rollout, we are experiencing a “bug” I believe with images just not showing up at all in our emails. Wondering how quickly they are going to fix this!
That’s strange. It is likely that this will get sorted out soon. Have you tried disabling the feature in the settings?
my husband keeps hacking into my accounts and he keeps from my emails he blocks everything can u block him from my stuff
Nice tool to test what is going on inside your email, which of your action pulls the trigger etc.
Check it: hxxps://emailprivacytester.com
> It has the side-effect that many “check if the email was read” services that use images to do so won’t work anymore if the recipient is a Gmail user and using the Gmail interface.
They most certainly *will* work, and even better after this Gmail change. :(
Marketing mails almost always contain a “tracking pixel” with a unique URL. This is now loaded, via the proxy server, as soon as you open the mail. So marketeers now get “this message has been opened by this user” far more often for Gmail users. (They won’t get any additional info, like IP address and user agent.)
But oh boy, at least I know the JPEGs in my mail are virus free, I was so worried about those… :P
right, I forgot to remove that passage when I updated the article with those information. Since Google is requesting the image when the user access the email, it is not really helpful in this regard at all.
I’m having the reverse problem. I’ve always had ‘ask to display images’ turned on in the settings (ie. images don’t automatically load). With this new Gmail ‘feature’, my setting was automatically changed to display images, i immediately turned it off but images in Gmail are still displaying regardless. I now have to click the ‘details’ setting on every email and click the ‘do not display images from this user’, for every single email!
Incredibly frustrating and i’m getting annoyed at the amount of changes Google keep making that i never asked for, never use and have no option from Google to change back, i’ve had to install various third party extensions to change Google and Gmails settings back to the way they were. I can never understand why companies feel the need to change and update a perfectly fine system just for the sake of change without any input from the actual users themselves.
I wish I’d known about these “open tracking” programs before I opened a couple of emails from someone I really want out of my life. Just out of curiosity, is there a way you can tell if someone used one of these services on you?
Thanks in advance for any help you can provide.
No, that is not really possible, unless they have used a service that is openly advertising this. Just check the image source of each image to find out about the domains they have been loaded from.
OK, thanks for your advice!