Better security and privacy through image proxying

blog.fastmail.fm

10 points by things 11 years ago · 8 comments

cr3ative 11 years ago

> The image server remains in the dark about who has actually requested it. That’s a big plus for your privacy.

Unless, of course, the image has an email-unique key in the URL somewhere.

  • robn_fastmail 11 years ago

    I have edited that sentence to say "where the request came from" rather than "who has actually requested it".

    Overall though, it's still an improvement. A key in the URL does verify that the email address is deliverable, which isn't nothing, but still can't be directly correlated with an IP address or other tracking data.

sarciszewski 11 years ago

Also: Reading/writing a user-uploaded file instead of serving it directly can reduce the risk of a malicious file being executed by the server.

(No c99.php.gif for you!)
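Added example, not part of the thread and not FastMail's or Camo's code: a minimal Python sketch of the read-then-write handling described in the comment above, where the type comes from the file's leading bytes and the storage name is chosen by the server. The function names, the signature table and the sample uploads are assumptions constructed for illustration.

```python
import secrets

# Leading-byte signatures for the image types this handler passes through.
SIGNATURES = {
    b"\x89PNG\r\n\x1a\n": ("image/png", ".png"),
    b"\xff\xd8\xff": ("image/jpeg", ".jpg"),
    b"GIF87a": ("image/gif", ".gif"),
    b"GIF89a": ("image/gif", ".gif"),
}

def sniff_image(data: bytes):
    """Return (mime, extension) from the leading bytes, or None."""
    for magic, kind in SIGNATURES.items():
        if data.startswith(magic):
            return kind
    return None

def store_name(data: bytes) -> str:
    """Server-chosen storage name; the uploader's filename is never used."""
    kind = sniff_image(data)
    if kind is None:
        raise ValueError("not a recognised image")
    return secrets.token_hex(16) + kind[1]

def respond(data: bytes):
    """Read the bytes and write them back as data with a fixed image type."""
    kind = sniff_image(data)
    if kind is None:
        return 415, {}, b""
    headers = {
        "Content-Type": kind[0],
        "X-Content-Type-Options": "nosniff",  # browser must not re-guess the type
        "Content-Disposition": "inline",
        "Content-Length": str(len(data)),
    }
    return 200, headers, data

# Constructed sample uploads, keyed by the filename the uploader supplied.
UPLOADS = {
    "c99.php.gif": b"<?php /* script body */ ?>",
    "cat.php.gif": b"GIF89a" + b"\x01\x00\x01\x00\x00\x00\x00;",
}

if __name__ == "__main__":
    for name, body in UPLOADS.items():
        status, headers, _ = respond(body)
        print(name, status, headers.get("Content-Type"))
```

A file that begins with a valid GIF header can still carry script text further in, so the signature check is only a filter. What keeps such a file inert here is that it is stored under a server-chosen name with a fixed extension and only ever streamed back as bytes.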

mike-cardwell 11 years ago

Presumably this addition was prompted by Google adding the same thing to GMail earlier this year.

  • robn_fastmail 11 years ago

    Actually the reason is that we're planning to roll out an EV cert later this year, and we hated the idea that an arbitrary email can remove the green badge.

    Once we decided we wanted to do this, then we looked around to see what other places were doing. That's when we noticed Gmail, but it was actually Github's Camo proxy that we thought of first (and ended up cloning).

    • mike-cardwell 11 years ago

      Your comment here strongly suggests the padlock was the primary reason for this change.

      The content of the blog post strongly suggests that increased privacy was the primary reason and that the padlock change was secondary.

      I'm surprised you weren't aware of GMail rolling this feature out. It was big news at the time. Not least because a lot of advertising companies were worried it would affect their bottom line.

      • robn_fastmail 11 years ago

        > Your comment here strongly suggests the padlock was the primary reason for this change.

        It was the initial motivator. The privacy advantages however are still real. Ultimately it all goes to our customers being able to have confidence that when they're using the service their security and privacy are being taken care of.

        > I'm surprised you weren't aware of GMail rolling this feature out. It was big news at the time.

        Honestly, I can't remember if I noticed when GMail rolled it out. Looking back on the press from the time, I imagine that if I thought anything it was "oh, you too" because I strongly remember Github rolling out a similar feature in 2010.

        https://github.com/blog/743-sidejack-prevention-phase-3-ssl-...

        And sure, it's not exactly the same thing, but close enough that it might not have stood out to me.

        Did others at FastMail notice? Maybe. I certainly don't have a record of a conversation about it, and the first discussion we had about implementing our own image proxy was in May, and Gmail was not mentioned until much later once we decided what we wanted to do and started shopping around for an off-the-shelf package.

        I'm not sure what point you're trying to make. Or are these just observations?

        • mike-cardwell 11 years ago

          Your responses are overly defensive. I simply pointed out GMail also did this same thing earlier this year, that your comment contradicts your blog post, and that I find it highly surprising that somebody who works in the email business wasn't aware of this. You can take these as "observations", or you can dream up a "point" that I'm trying to make. No skin off my back.
