I do not like these masquerading things . what’s happening?
oh, and to be on topic. I’m a regular user of the daily builds on Ubuntu 14.04, doing stuff with smd up till 0402 and qfn so i can make my own prototypes
I tested your link and used wireshark to analyze it.
Does not seem dangerous to me. It is just a forwarder it seems.
(It would be better though if the link would be correctly spelled out.)
The http stream data:
My browser to the server:
GET /track/click/30243700/forum.kicad.info?p=eyJzIjoiQnV4WW4yeTZINjluNkkyQnRBaGV1UEpHMFRVIiwidiI6MSwicCI6IntcInVcIjozMDI0MzcwMCxcInZcIjoxLFwidXJsXCI6XCJodHRwczpcXFwvXFxcL2ZvcnVtLmtpY2FkLmluZm9cXFwvdXNlcnNcXFwvYWN0aXZhdGUtYWNjb3VudFxcXC80MTUxZjdmOGUxNzMzNzBkZDYyYzhhMDgyNjRkNTgwNVwiLFwiaWRcIjpcIjUzNmIwZWQ0NDQ1NTRlODI4YmVkNTgyOTZhNzdmNTNkXCIsXCJ1cmxfaWRzXCI6W1wiYTVjNzM2OGZjY2VjODQyN2M1ZTVjODRmNjE3OTdiZjBkOGNmMjkwZlwiXX0ifQ HTTP/1.1
Host: mandrillapp.com
User-Agent: Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:50.0) Gecko/20100101 Firefox/50.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
After that your browser makes some dns lookups for kicad info forum and then asks very nicely for the page. This time encryption (https) is used so the steam data is useless.
I don’t know either why the first server is needed.
It does set a cookie. Will try again to use the direct link without the cookie.
Typing in the link directly does get you to the same final page. @ChrisGammell Can you bring light into this. (I hope you are the right person to ask here.)
Well we can google. But it’s much more fun to investigate http steam data and see what happens in the background.
The direct link works. Even without the cookie set by mandrill app.
The answers in this question thread are good at explaining what mandrill app is: https://www.quora.com/What-is-Mandrillapp
Tldr: mandrillap is a service to send out (mass) emails via a webapi. it is part of mail chimp. It is used by many webservices to send out emails to their users. For example the mail confirmation or password reset mails.
The question remains: Why the â– â– â– â– does mandrill give a different link in textform than in the href part? (This is just bad praxis and should not be done this way!)
Also why does it set the cookie if it is not needed for the mail conformation? Do they maybe want to get some tracking data? I think i need a tinfoil hat.
(Answer in the question thread i provided: Yes they use this link and maybe also the cookie to see how “effective” their mails are. So yes they track how many people click on the link sent by the mail service.)
Ah, now i understand. Thank bobc for taking the time to write this
elaborate answer. It is truly amazing how you can give so much
information is such compact writing.
Hey thanks.
I am not fluent with wireshark yet. It is on my very long todo list.
what I understand from your stream is that it drops some tracking
coockies and passes than on to the real site.
As my Firefox has both the “selfdestructing-coockies” and “I don’t care
about coockies” extensions, they would have taken care of this nicely.
My concern was merely the idea that this forum was hacked and used for
harvesting data from users without their knowing (as typing messages is
“legit” harvesting. )
Also fine to notice that you can use regular mail as the interface.
This is right. It’s used to preserve the integrity of the main forum server without hosting mail via a PHP app or similar. Mandrill is pretty standard these days and it is the recommended sender service by Discourse (the forum software). Mailgun is another example.
Ah, so this is a hybrid forum, both web and mail based. good to know. As I have up till now never worked with discourse I have to get familiar with its quirks, like simple machines and older web based stuff.
Kudos to @ChrisGammell for answering. So many websites pull in so much external crap that seems to serve no purpose other than to use bandwidth and make sure as many people as possible know which websites I visit…always nice to see a site whose external services have rational justifications.
@ChrisGammell
I really don’t like the idea, that I have to ask a proprietary server (mandrillapp.com) to forward me to kicad.info
Why couln’t the links in eMails directly point to this domain?
It’s a mailserver for the high volume of emails that get sent out, similar to Mailgun or other applications. We will not be serving mail from this domain.
)