Note: This document discusses Mail, an application included with Mac OS X. The same concepts apply to other email applications you may use.
Background concepts
The pages you view in a Web browser are most often written at least in part in hypertext markup language (HTML). On an HTML Web page, you most often see two types of content placed by the page author: text and images.
The text is actually contained in the HTML, but the images are not. Rather, the page author places a text link that loads the image file from a different location. Your Web browser loads the text portion first, then subsequently sends a request for the images, which are loaded afterwards.
Because modern email applications can receive HTML-formatted email messages, you should be aware that your email application sends the same type of outgoing requests for images that are made by your Web browser. This feature is often referred to generically as "HTML rendering". In Mail Preferences, this option is labeled "Display images and embedded objects in HTML messages".
How viewing HTML messages relates to spam
There are both advantages and disadvantages to having HTML rendering turned on in Mail or any other email client application. You should consider these when evaluating your personal preferences. The advantage is that you will be able to see HTML-formatted email as the sender intended. When this is from someone you know or another legitimate source, this is aesthetically desirable and provides a better user experience.
However, spammers can use HTML mail to easily verify that your email address is valid, which is a disadvantage. This is often done by embedding your email address in the HTML links (particularly for graphics). When your mail application connects to the Internet to load graphics from the spammer's Web site, the spammer can log your address as "known good." Here is an example of how your email address may be embedded in a link:
In this example, a spammer working for example.com is attempting to verify the address "yourname@apple.com". This is one common example of the syntax used, and many other variations are possible.
Since spammers often start with randomly generated email addresses, verification of your address means that you may receive even more spam after knowingly or unknowingly loading such links. If you use the Mail spam filtering feature, this may not be of great concern to you.
However, if you prefer to tightly control your email address, turning off HTML rendering can be a good idea. If the HTML is not rendered, then no request is sent to the spammer when viewing the mail.
A middle ground solution is to leave rendering on but not use the preview pane, because the outgoing request that transmits your email address to the spammer is not sent until you view the message. Thus with the preview pane off, you may delete the message without verifying your address to the spammer. In this manner, you can still enjoy HTML rendering in messages from legitimate sources.
If you choose to turn off HTML rendering, beware that clicking any link in the unrendered message may compromise your identity. When viewing a spam message, do not click on any link that contains any portion of your email address. If the link appears to include encrypted data (looks like random characters), this could also be your email user name.
To learn more (including how to turn off the preview pane), see these technical documents:
107399: "
Mac OS X Mail: How to Delete Multiple Messages Without Viewing Them First"
107400: "
Mac OS X Mail: How to Turn On or Off HTML Rendering"