Mail security in OS X Yosemite

So you are using OS X Yosemite's built-in mail.app and you notice you are getting more spam than usual. Or you've noticed that images are being loaded in all email messages by default, instead of what you've seen with Outlook at work, where corporate policy disables displaying images in emails from unknown sources.

The two scenarios are related. There are very real reasons that policies disable the automatic display of images in incoming email. One-pixel, tiny tracking images are common in spam to alert the sender that the message was received, and that your email address is valid and is being read by a user. This means your email address is actually worth more when resold to other spammers, as there is a high(er) chance the spam will be read.

Any image can be used for this purpose. Images can also be used to exploit rendering bugs, or lend un-due credence to a fake corporate memo in a phishing campaign when the content itself would otherwise be a dead giveaway.

At any rate, you can mitigate this issue be opening your preferences in Mail.app and going to the "Viewing tab and unchecking the "Load remote content in messages" option, as indicated below:

Screen_Shot_2015-01-11_at_9_32_27_PM

Go, do that right now. When an email arrives that uses remote images, you will now see the following bar above the email:

Screen_Shot_2015-01-11_at_9_41_38_PM

Sure, incoming email is a little uglier and it takes one more click, but you've given the spammers one less avenue of success, and one less reason to bother you.