Here's what they are doing. Making the text on our bank's system, then loading all pictures on an external site, then pointing to that external site to get the picture and send the e-mail blast, looking like the e-mail comes from the bank. To me, if the last thing is getting the picture from the external site before sending, then, is the e-mail actually coming from the external site or our internal site?
I did ask the question to marketing, they believe it's ok to use the external site, even though the e-mail looks like its coming from the bank. I'm uncomfortable with the CAN-SPAM act provisions of the e-mail blast coming from an external site looking like it's coming from the bank.