A Bug's Life

Oh, I see. I tend not to see linked images in emails so that part of the question hadn't occurred to me.

Here's an example of the HTTP request my mailer makes when it does download embedded images:

GET http://www.apple.com/euro/enews/images/spacer.gif HTTP/1.1
Host: www.apple.com
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.14eol) Gecko/20080724 Thunderbird/1.5.0.14eol
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Proxy-Connection: keep-alive

The only thing there that comes from the message is the image URL; a fraudster could just copy that and there'd be no way to tell what the content of the rest of the email was.