image opening by default

Posted on 2012-08-23
Last Modified: 2012-08-29
Content-Transfer-Encoding: base64
Content-Disposition: inline;
Content-Type: image/png;

I received an email where in gmail and other clients (I never set the preferences to allow this email address pictures), the picture was opened by default

is this something I can do in php mail()
or another php mailing library (swiftmailer, phpmailer())
Question by:rgb192
    LVL 34

    Accepted Solution

    Hi rgb192,

    If a picture is displayed without prompting you to open it, that means that the image contents are actually contained inside the email.

    So if your email body is "Hi! Here is a picture of me! <img src=''>" then you would end up with a less-than-1k email message with an image that requires the reader to specifically accept/allow the image to be shown, because it is hosted somewhere else and that can be dangerous to open something remotely.

    However, with an embedded image, your email body looks like "Hi! Here is a picture of me! <img src='cid:picofme'>" and then in another part of the message (because this requires a MIME-encoded multi-part message, meaning that there are different "sections" of the message), the image is attached like a regular attachment but given the Content-ID of "<picofme>"

    You can do this easily with PHPMailer:

    $mail->AddEmbeddedImage("photoofme.jpg", "picofme", "photoofme.jpg");
    $mail->Body = 'Hi! Here is a picture of me: <img src="cid:picofme">';

    Just be warned - this also means that your emails could be much larger, since they contain encoded images (which are usually about 30% bigger in file size than the original source image). Also, not ALL email readers will automatically open embedded images. It will have a higher likelihood than linked, remote images, but there are many that will still prompt you to display them, because there have been vulnerabilities discovered in certain images, so it is still a security issue.

    Overall, it's usually better not to embed images but use the linked versions instead. People who want to see your images in your email are going to load the images, while people you don't want to see the images will not need to load them. This means that you have saved a lot of bandwidth by only delivering images to the people who want them, while still giving the recipients what they want and making it fast to download the emails.

    Author Closing Comment


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    What Is Threat Intelligence?

    Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

    Deprecated and Headed for the Dustbin By now, you have probably heard that some PHP features, while convenient, can also cause PHP security problems.  This article discusses one of those, called register_globals.  It is a thing you do not want.  …
    Password hashing is better than message digests or encryption, and you should be using it instead of message digests or encryption.  Find out why and how in this article, which supplements the original article on PHP Client Registration, Login, Logo…
    Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
    Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    10 Experts available now in Live!

    Get 1:1 Help Now