OS X Spotlight Glitch Exposes IP Addresses and Other System Details to Spammers - MacRumors
Skip to Content

OS X Spotlight Glitch Exposes IP Addresses and Other System Details to Spammers

by

A privacy glitch in Spotlight search for OS X may leak private details, including IP addresses, to email spammers. The flaw was first reported by German tech news site Heise and replicated in tests performed by IDG News Service.

spotlight-search
The issue affects OS X mail users who have followed conventional security recommendations to turn off the "load remote content in messages" option in the Mail app. This setting prevents the loading of remote content such as images, including "tracking pixels" that are used by spammers to harvest information when people open an email.

A glitch arises when OS X Mail users utilize Spotlight search in OS X, which includes emails in the search results. Spotlight ignores the remote content block preference from Mail and loads the remote email files as part of the search process. Once Spotlight loads one of these tracking pixels, spammers can glean details such as the IP address, OS X version, browser details, and the version of Quick Look being used.

The Spotlight preview loads those files even when users have switched off the "load remote content in messages" option in the Mail app, a feature often disabled to prevent email senders from knowing if an email has arrived and if it has been opened. What's more, Spotlight also loads those files when it shows previews of unopened emails that landed directly in the junk folder.

Currently, the only way to block this information leak is to block Spotlight from including emails in search results entirely by opening System Preferences and unchecking the "Mail & Messages" option for Spotlight. Apple has yet to comment on this Spotlight privacy glitch.

Tag: Spotlight
Related Forum: OS X Yosemite

Popular Stories

airpods pro 3 design

'AirPods Ultra' Rumored to Feature a Major Upgrade Over AirPods Pro

Thursday April 30, 2026 8:40 am PDT by
In a social media post this week, Bloomberg's Mark Gurman reiterated that Apple is planning to release new AirPods with cameras "for Siri." Last month, Gurman said these AirPods will likely be priced above the current AirPods Pro 3, which Apple sells for $249. As a result, he said Apple is likely considering using "AirPods Ultra" branding for the camera-equipped AirPods. "AirPods Ultra"...
Read Full Article81 comments
Four iPhone 18 Pro Colors Mock Feature

iPhone 18 Pro to Launch in September With These 10 New Features

Tuesday April 28, 2026 9:35 am PDT by
While the iPhone 18 Pro and iPhone 18 Pro Max are not launching until September, there are already plenty of rumors about the devices. It was initially reported that the iPhone 18 Pro models would have fully under-screen Face ID, with only a front camera visible in the top-left corner of the screen. However, the latest rumors indicate that only one Face ID component will be moved under the...
Read Full Article
M5 Vision Pro Thumb 2

Apple Has Given Up on the Vision Pro After M5 Refresh Flop

Wednesday April 29, 2026 11:31 am PDT by
Apple has all but given up on the Vision Pro after the M5 model failed to revitalize interest in the device, MacRumors has learned. Apple updated the Vision Pro with a faster M5 chip and a more comfortable band in October 2025, but there were no other hardware changes, and consumers still weren't interested. The Vision Pro has been criticized for its high price tag and its uncomfortable...
Read Full Article729 comments

Top Rated Comments

thejadedmonkey Avatar
thejadedmonkey
148 months ago
Oh for goodness sake, don't let them know my version is Yosemite and what browser I'm using! And, *gasp*, the version of QUICK LOOK?! This is an outrage.

/s
I don't think you understand what the article means.

Let me explain. If you block the tracking pixel from loading, the spammer will never realize that you received the email, and may eventually stop sending them. If they do realize that you receive the email, then they can get your IP address, know that the email address is valid, cross reference your purchasing habits with your IP address, and target you specifically with Facebook ads.

That's a major gaping privacy hole in OS X that needs to be patched.
Score: 46 Votes (Like | Disagree)
joshwenke Avatar
joshwenke
148 months ago
Oh for goodness sake, don't let them know my version is Yosemite and what browser I'm using! And, *gasp*, the version of QUICK LOOK?! This is an outrage.

/s
Score: 11 Votes (Like | Disagree)
DarkCole Avatar
DarkCole
148 months ago
Well thanks for the heads up, I've unchecked the setting in Spotlight.
Score: 8 Votes (Like | Disagree)
S
samcraig
148 months ago
As I've said before in other threads. Regardless of whether or not this is "harmful" to some or all - if there's a security issue and it's known, it should be fixed. End of story. No judgement. Simple as that.
Score: 7 Votes (Like | Disagree)
brentmore Avatar
brentmore
148 months ago
Yet another reason why Little Snitch is my favorite tech tattletale.
Score: 7 Votes (Like | Disagree)
B
BlendedFrog
148 months ago
Another reason not to use the crappy mail app. Now I know why I have always stuck to using the webmail interface.

Will Apple ever get their act together and overhaul the damn app and actually make it usable?
Score: 7 Votes (Like | Disagree)
Read All Comments