l_rivers wrote:Upon upgrading to Little Snitch 3.0 I decided to actually mount the monitor and watch my CPU and network. I run Snow Leopard, Mac OS 10.6, on a Mac Pro.
I keep the little snitch network monitor on the right-hand side of the screen and my writing and application windows to the left so I can keep an eye out. And I noticed that my e-mail program, postbox, has a notation of “27 servers” and a list of various websites linked to businesses or tracking organizations that seem to be some kind of application hidden in the text of e-mail messages.
In other words there seems to be 27 pieces of e-mail with some kind of active link in them. What am I to make of this? One of them of course is my own e-mail host, but PayPal and double-click and Google analytics are there to.
It's very likely that emails contain active links. The way they work is to direct your email client (Postbox) to make the connections and download pictures or other content. Limits on what they can do will depend on how much Postbox can or will do.
Connections shown in Network Monitor have already been allowed, or blocked if shown in red.
Some connections might also be from Postbox itself. The website says it's "The most socially connected email client around", with integrations to almost everything it seems.
-snip- a tiny portion from the website
"Social connections add a personal touch
-Profile photos from Facebook, LinkedIn, Twitter, Gravatar and the Address Book
-Automatically displays job titles and company names from LinkedIn
-Quick and easy access to LinkedIn, Facebook and Twitter profile pages
-Update status directly to Facebook, Twitter, and LinkedIn"
I don't know what all that means, but it sounds like a chatty app to me.
Are these lists of links I can make active by clicking them, in other words gateways to potential trouble? Have they a life of their own that simply by reading an e-mail or passing the cursor over their link some mysterious process that I cannot control is initiated?
You can control it with Littlesnitch. Allow connections to your email host, and wherever else you want, block the rest. The question is, you're running a "socially connected" app, how much do you really want?